RSA Admin

How to Consolidate Windows xp logs to reduce the number of devices being monitored in Envision

Discussion created by RSA Admin Employee on May 10, 2010

I have a large number of Windows XP devices that are part of a retail network, and I need to collect event logs for PCI compliancy.  Right now its too costly to purchase the hardware and licensing necessary to monitor all of these separate devices with Envision. I would need multiple collectors and multiple device license in order to do this.

 

Is there any way to consolidate all of the Windows event logs to one server, and then poll that single server with Envision to get the logs??  I never used SNARE , but If I could have SNARE collect the logs to a SNARE server and then have envision use only 1 device license to pull the data?  Just a thought

 

Thanks,

Tony

Outcomes