RSA Event Source Configuration Guide. EMC Avamar



Similar documents
RSA Event Source Configuration Guide

RSA Event Source Configuration Guide. Microsoft Dynamic Host Configuration Protocol Server

RSA Event Source Configuration Guide. McAfee Database Security

RSA Event Source Configuration Guide. Microsoft Internet Information Services

RSA Security Analytics

RSA Event Source Configuration Guide. McAfee Firewall Enterprise

RSA Event Source Configuration Guide. RSA Data Loss Prevention Suite

RSA Security Analytics

RSA Event Source Configuration Guide. Citrix Xenmobile Mobile Device Manager

Converting InfoPlus.21 Data to a Microsoft SQL Server 2000 Database

RSA Security Analytics

Lieberman Software Corporation Enterprise Random Password Manager

RSA Security Analytics

CIMHT_006 How to Configure the Database Logger Proficy HMI/SCADA CIMPLICITY

Set Up Setup with Microsoft Outlook 2007 using POP3

Reconfiguring VMware vsphere Update Manager

RSA Security Analytics

RSA Event Source Configuration Guide. IBM iseries AS/400

RSA Event Source Configuration Guide. Microsoft Exchange Server

Reconfiguration of VMware vcenter Update Manager

Installing SQL Express. For CribMaster 9.2 and Later

Setting up Hyper-V for 2X VirtualDesktopServer Manual

Management, Logging and Troubleshooting

Integrate ExtraHop with Splunk

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Wave 500 IP PBX v4.5. SIP Trunking using the Optimum Business Sip Trunk Adaptor and the Wave 500 IP PBX v4.5

RSA Security Analytics

Reconfiguring VMware vsphere Update Manager

Setup Guide. network support pc repairs web design graphic design Internet services spam filtering hosting sales programming

The purpose of this document is to describe how to connect Crystal Reports with BMC Remedy AR System using ODBC.

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

Sage Pay User Guide for Sage 200

RSA Event Source Configuration Guide. F5 Big-IP Local Traffic Manager

Microsoft Outlook 2010

Querying Databases Using the DB Query and JDBC Query Nodes

IBM Security QRadar SIEM Version MR1. Log Sources User Guide

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Migrating helpdesk to a new server

Set up Outlook for your new student e mail with IMAP/POP3 settings

How-to configure Auditing for IDENTIKEY Authentication Server 3.2 to a remote Oracle Database on a standalone Microsoft machine.

Thirtyseven4 Endpoint Security (EPS) Upgrading Instructions

Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal

Dynamic DNS How-To Guide

PC Monitor Enterprise Server. Setup Guide

Windows Vista: Connecting to the wireless network at Hood College

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

BroadSoft BroadWorks ver. 17 SIP Configuration Guide

Windows Live Mail Setup Guide

Integrating with IBM Tivoli TSOM

Pandora FMS 3.0 Quick User's Guide: Network Monitoring. Pandora FMS 3.0 Quick User's Guide

Guide to Installing BBL Crystal MIND on Windows 7

MICROSTRATEGY 9.3 Supplement Files Setup Transaction Services for Dashboard and App Developers

1 Login to your CSUF student account and click on the Settings icon ( ) at the far right.

client configuration guide. Business

MicroStrategy Intelligence Server Configuration Table of contents

General Tips: Page 1 of 20. By Khaled Elshaer.

WorldShip Export Shipment Data

Connect to MySQL or Microsoft SQL Server using R

8.7. NET SatisFAXtion Gateway Installation Guide. For NET SatisFAXtion 8.7. Contents

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Installing RMFT on an MS Cluster

ESET SECURE AUTHENTICATION. Check Point Software SSL VPN Integration Guide

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

NetIQ Sentinel Quick Start Guide

CONSOLEWORKS WINDOWS EVENT FORWARDER START-UP GUIDE

IIS, FTP Server and Windows

WIRELESS SETUP FOR WINDOWS 7

SIP Trunking using the Optimum Business SIP Trunk adaptor and the AltiGen Max1000 IP PBX version 6.7

TE100-P21/TEW-P21G Windows 7 Installation Instruction

EventTracker: Integrating Imperva SecureSphere

This tutorial provides detailed instructions to help you download and configure Internet Explorer 6.0 for use with Web Commerce application.

Projetex 9 Workstation Setup Quick Start Guide 2012 Advanced International Translations

Step by Step: vcenter Syslog Collector installation

Installation Manual for Setting up SAP Business Objects BI 4.0 Edge System

How to install and use CrossTec Remote Control or SchoolVue in a Virtual and or Terminal Service environment

MadCap Software. Upgrading Guide. Pulse

LockView 4.2 CompX Database & Network Configuration & Installation Manual

To configure Outlook Express for your InfoMetrics address:

Host Installation on a Terminal Server

RSA Security Analytics

Setting up an MS SQL Server for IGSS

Jolly Server Getting Started Guide

Upgrading from Call Center Reporting to Reporting for Contact Center. BCM Contact Center

IMAP and SMTP Setup in Clients

Omgeo OASYS Workstation Installation Guide. Version 6.4 December 13, 2011

CALL REPORTING START GUIDE

Citrix XenServer Workload Balancing Quick Start. Published February Edition

Avigilon Control Center System Integration Guide

LockView CompX Database & Network Configuration & Installation Manual

Juniper Networks SSL VPN Implementation Guide

PaperClip. em4 Cloud Client. Manual Setup Guide

Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication

Millennium Drive. Installation Guide

EMC ViPR Controller. Version 2.4. User Interface Virtual Data Center Configuration Guide REV 01 DRAFT

SSL (Secure Socket Layer)

Guide to Configuring the UHU Wireless Network for Windows Vista

RE:Open for SQL Anywhere. Installation Guide. RE:Open for SQL Anywhere Installation Guide 1

How to install and use the File Sharing Outlook Plugin

User Guide Online Backup

Customer Tips. Configuration and Use of the MeterAssistant Option. for the user. Purpose. Xerox Device Configuration. Xerox Multifunction Devices

Transcription:

Configuration Guide EMC Avamar Last Modified: Wednesday, October 02, 2013 Event Source (Device) Product Information Vendor EMC Event Source (Device) Avamar Supported Versions/Platforms 4.1, 6.0, and 7.0 RSA Product Information Supported Version RSA envision 4.0 and 4.1 Event Source (Device) Type emcavamar, 175 Collection Method Syslog, ODBC Event Source (Device) Class.Subclass Storage.Storage Content 2.0 Table Storage This document contains the following information for the EMC Avamar event source: Configuration Instructions Release Notes 20131002-155915 Release Notes 20120305-123706 EMC Avamar Configuration Instructions Note: RSA supports collection of system events through syslog or the NIC ODBC service and audit events through the NIC ODBC Service. To configure EMC Avamar, you must complete these tasks: I. Configure Collection of System Events II. Configure Collection of Audit Events Copyright 2012 EMC Corporation. All Rights Reserved.

Configure Collection of System Events Note: System events can be collected through Syslog method or ODBC service. You must choose one or the other. To configure EMC Avamar to collect system events, do one of the following: Configure Syslog collection Configure ODBC collection Configure Syslog Collection To configure EMC Avamar for syslog collection: 1. Log on to the Avamar Administrator. 2. Click Tools > Manage Profiles > New. 3. In the Profile Name field, type envision. 4. Ensure that Syslog Notification is selected, and click Next. 5. Select all event codes that your environment requires. Note: RSA envision supports all event codes. 6. Click Finish. 7. Select the envision profile that you created, and click Edit. 8. Click the Syslog Notification tab, and ensure the fields are completed as follows. Address Enter the IP address of your envision appliance. Port Ensure that the value is 514 9. Ensure that Include extended event data is selected. 10. Click OK. Configure ODBC Collection To configure EMC Avamar System Events for ODBC collection, you must complete these tasks: I. Add EMC Avamar as a data source to the NIC Collector Service II. Set Up the NIC ODBC Service 2 Configure Collection of System Events

To add EMC Avamar as a data source: 1. Follow these steps to add the PostgreSQL ODBC driver on the RSA envision appliance: a. Click Start > Programs > Administrative Tools > Data Sources (ODBC). Note: If both Data Source ODBC-32 and ODBC-64 are available, select Data Source ODBC-32. b. In the System DSN tab, click Add. c. Select PostgreSQL ANSI. Note: If the PostgreSQL driver that you want is not available, download the latest opensource files, and install the driver. d. Click Finish. 2. In the PostgreSQL ANSI ODBC Driver Setup window, complete the fields as follows. Data Source Name Type emcavamar_syslog. Description (Optional) Enter a description of the data source. Database Type mcdb. SSL Mode Disable Server Enter the EMC Avamar IP address. Port Type 5555. User Password Type viewuser1. 3. Click Test. 4. After the test has completed successfully, click Save. To set up the NIC ODBC Service in envision: 1. Log on to RSA envision with your administrator credentials. 2. Click Overview > System Configuration > Services > Device Services > Manage ODBC Service. 3. In the Manage ODBC Service window, click Add. 4. To add the EMC Avamar data source, complete the fields as follows. Data source name Type IP address User name Password Type emcavamar_syslog. From the drop-down list, select EMC Avamar_Syslog. Select Use static IP address associated with the data source name, and enter the IP address of the database location. Type viewuser1. Configure Collection of System Events 3

Verify Password Enter the password again. Interval Enter a time interval for collection. Start ODBC Service on Ensure that Start ODBC Service on Apply is selected. Apply 5. Click Apply. 4 Configure Collection of System Events

Configure Collection of Audit Events Note: EMC Avamar audit events are collected only by the NIC ODBC Service. To configure EMC Avamar audit events for ODBC collection, you must complete these tasks: I. Add EMC Avamar as a data source to the NIC Collector Service II. Set Up the NIC ODBC Service Add EMC Avamar as a Data Source to the NIC Collector Service To add EMC Avamar as a data source: 1. On the RSA envision appliance, follow these steps to add the PostgreSQL ODBC driver: a. Click Start > Programs > Administrative Tools > Data Sources (ODBC). Note: If both Data Source ODBC-32 and ODBC-64 are available, select Data Source ODBC-32. b. In the System DSN tab, click Add. c. Select PostgreSQL ANSI. Note: If the PostgreSQL driver that you want is not available, download the latest opensource files, and install the driver. d. Click Finish. 2. In the PostgreSQL ANSI ODBC Driver Setup window, complete the fields as follows. Data Source Name Type emcavamar_audit. Description (Optional) Enter a description of the data source. Database Type mcdb. SSL Mode Disable Server Enter the EMC Avamar IP address. Port Type 5555. User Password Type viewuser1. 3. Click Test. 4. After the test has completed successfully, click Save. Configure Collection of Audit Events 5

Set Up the NIC ODBC Service in RSA envision To set up the NIC ODBC Service in envision: 1. Log on to RSA envision with your administrator credentials. 2. Click Overview > System Configuration > Services > Device Services > Manage ODBC Service. 3. In the Manage ODBC Service window, click Add. 4. To add the EMC Avamar data source, complete the fields as follows. Data source name Type IP address User name Password Verify Password Interval Start ODBC Service on Apply 5. Click Apply. Type emcavamar_audit. From the drop-down list, select EMC Avamar_Audit. Select Use static IP address associated with the data source name and enter the IP address of the database location. Type viewuser1. Enter the password again. Enter a time interval for collection. Ensure that Start ODBC Service on Apply is selected. EMC Avamar Release Notes (20131002-155915) What's New in This Release RSA added support to the RSA envision platform for EMC Avamar 7.0. New and Updated Messages For complete details on new and changed messages, see the Event Source Update Help. EMC Avamar Release Notes (20120305-123706) What's New in This Release RSA added support to the RSA envision platform for EMC Avamar 6.0 and updated the event source to content 2.0. This event source uses the Storage table. Content 2.0 features new tables and improvements to the parsing of event data into variables in those new tables. For rules and reports, note the following: 6 Configure Collection of Audit Events

For factory reports, as existing event sources are converted to Content 2.0, their device-specific reports are updated to work with the new content. In some cases, class-specific reports have replaced device-specific reports. Factory correlated rules have been modified to take advantage of the improved tables, variables and parsing. Custom rules, that involve event sources updated to work with Content 2.0, need to be rewritten. Custom reports may not produce the same results as previously. For guidance on updating custom reports, see the accompanying table documentation and the RSA envision Content Inspection Tool guide. Configure Collection of Audit Events 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information