This topic introduces the services configuration parameters available in the Sources tab of the Services Config view for the Reporting Engine. The Sources tab for the Reporting Engine service in the Services Config view controls that data sources associated with a Reporting Engine. The Source tab consists of a single panel with a toolbar and a grid that lists the data sources associated with the Reporting Engine.
All procedures associated with this tab are available in Configure Reporting Engine or Additional Procedures for Configuring the Reporting Engine.
About the Data Sources
The data sources available to the Reporting Engine for which you are defining reports and defining alerts are:
- IPDB Data Sources - The Internet Protocol Database (IPDB) data source contains both normalized and raw event messages. It stores all collected messages in a file system organized by event source (service), IP address, and time (year/month/day) with index files to facilitate searches (report and queries).
NWDB Data Sources - The NetWitness Database (NWDB) data sources are Decoders, Log Decoders, Brokers, Concentrators, Archiver, and Collection.
- Warehouse Data Sources - The Warehouse data sources are Pivotal and MapR.
- IMDB Data Source - The Incident Management Data Base data sources are Reporting Engine, ESA, Malware, ECAT, and Web Threat Detection. IMDB is used to store the alerts and incidents reports.
If you set a source as the default data source, Security Analytics uses that source when you create reports and alerts unless you choose to override it with one of the other sources listed in this tab.
To access this view:
- In the Security Analytics menu, select Administration > Services.
- In the Services Grid, select a Reporting Engine service.
- Click > View > Config.
Select the Sources tab.
The Service Config View is displayed with the Reporting Engine Sources tab open.
You can perform the following actions on the Sources tab:
The data sources are listed under the different categories as follows:
- IPDB Data Sources category : Security Analytics displays the IPDB Extractor service data sources.
- NWDB Data Sources category, Security Analytics displays the NetWitness data sources.
- Warehouse Data Sources category : Security Analytics displays the Warehouse data sources.