This topic describes the Security service Event Exchange (SDEE) event source parameters.
Use the SDEE option on the Log Collector Config View Event Sources tab to add and maintain configuration parameters for collecting Intrusion Detection System (IDS) data (for example, Cisco Secure IDS messages) formatted under the SDEE standard.
To access the SDEE Event Source Configuration Parameters:
- In the Security Analytics menu, select Administration > Services.
- In the Services grid, select a Log Collector service.
- Click under Actions and select View > Config.
- In the Event Sources tab, select SDEE/Config from the drop-down menu.
The SDEE/Config view in the Event Sources tab has two panels: Event Categories and Sources.
Event Categories Panel
In the Event Categories panel, you can add or delete the appropriate event source types.
Available Event Sources Types Dialog
The Available Event Source Types dialog displays the list of supported event source types.
Use this panel to review, add, modify, and delete event sources.
The following table provides descriptions of the toolbar options.
Add or Modify Source Dialog
In this dialog, you add or modify a file directory for the selected event source.
Add or Edit Source Parameters
The following table provides descriptions of the source parameters.