RSA Event Source Configuration Guide. McAfee Database Security



Similar documents
RSA Event Source Configuration Guide

RSA Event Source Configuration Guide. EMC Avamar

RSA Event Source Configuration Guide. RSA Data Loss Prevention Suite

RSA Event Source Configuration Guide. Microsoft Internet Information Services

RSA Event Source Configuration Guide. Citrix Xenmobile Mobile Device Manager

RSA Security Analytics

RSA Security Analytics

RSA Event Source Configuration Guide. McAfee Firewall Enterprise

RSA Security Analytics

RSA Security Analytics

BusinessObjects Enterprise XI Release 2

RSA Event Source Configuration Guide. Microsoft Dynamic Host Configuration Protocol Server

How To Import Credit Card Charges Into Concur

EventTracker: Integrating Imperva SecureSphere

Integrate Astaro Security Gateway

Step by Step: vcenter Syslog Collector installation

RSA Authentication Manager

Integrating Trend Micro OfficeScan 10 EventTracker v7.x

HOW TO CONNECT TO FTP.TARGETANALYSIS.COM USING FILEZILLA. Installation

Integrate Websense Web Security Gateway (WSG)

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

If you are experiencing difficulty joining a session, determine which scenario is applicable to you and follow the recommended guidelines.

About Archiving for Microsoft Exchange Server

Creating a Content Group and assigning the Encrypt action to the Group.

Management, Logging and Troubleshooting

Yale Software Library. PGP 9.6 for Windows

CONSOLEWORKS WINDOWS EVENT FORWARDER START-UP GUIDE

GE Intelligent Platforms. Activating Licenses Online Using a Local License Server

PIM SOFTWARE TR50. Configuring the Syslog Feature TECHNICAL REFERENCE page 1

Chapter 8 Monitoring and Logging

Installation Logon Recording Basis. By AD Logon Name AD Logon Name(recommended) By Windows Logon Name IP Address

Avigilon Control Center System Integration Guide

Administrator s Plus. Backup Process. A Get Started Guide

A10 Networks Load Balancer

Remote Logging Agent Configuration Guide

extranet.airproducts.com Windows XP Client Configuration

Configuration Guide. SafeNet Authentication Service. Remote Logging Agent

my.airproducts.com Windows Vista Client Configuration

SNMP Adapter Installation and Configuration Guide

Using the SB Partners Client Web Portal

Immotec Systems, Inc. SQL Server 2005 Installation Document

vcenter Operations Management Pack for SAP HANA Installation and Configuration Guide

User guide. Business

Integrate ExtraHop with Splunk

Management Pack for vrealize Infrastructure Navigator

Sage 200 Web Time & Expenses Guide

How To Configure Syslog over VPN

Lytecube Technologies. EnCircle Automation. User Guide

User Guide to the Snare Agent Management Console in Snare Server v7.0

Syslog Server Configuration on Wireless LAN Controllers (WLCs)

Integrating Symantec Endpoint Protection

CBH Provider EDI Browser Manual

Trend Micro PC-cillin Internet Security 2006

RSA Security Analytics

Deploying HIDS Client to Windows Hosts

Audits. Alerts. Procedure

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Accellion Secure File Transfer

Introduction Installation firewall analyzer step by step installation Startup Syslog and SNMP setup on firewall side firewall analyzer startup

Upgrading MySQL from 32-bit to 64-bit

RSA Security Analytics Netflow Collection Configuration Guide

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

Snare Agent Management Console User Guide to the Snare Agent Management Console in Snare Server v6

HASP Troubleshooting Guide

How To Connect To Ecs.Org From A Pc Or Mac Or Ipad (For A Laptop) With A Network Connection (For Mac) With The Ipad Or Ipa (For Pc Or Ipac) With An Ipa Or Ip

EventTracker Windows syslog User Guide

Flowlink Pro Server Software Installation Guide

Contents Notice to Users

RSA Event Source Configuration Guide. F5 Big-IP Local Traffic Manager

Sonicwall Reporting Server

Lab Configure Syslog on AP

Installation, Setup, & Uninstall Guide Virtual TimeClock 15 Network Edition for Mac

Tenable for CyberArk

Integration Guide. LogicNow MAXfocus

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

TIBCO Slingshot User Guide

Web Hosting Training Guide. Web Hosting Training Guide. Author: Glow Team Page 1 of 22 Ref: GC349_v1.1

Aspera Connect User Guide

H3C Firewall and UTM Devices DNS and NAT Configuration Examples (Comware V5)

Lab 5.5 Configuring Logging

How do I set up a branch office VPN tunnel with the Management Server?

Changing Your Cameleon Server IP

SysAid Remote Discovery Tool

PineApp Surf-SeCure Quick

How to Connect to Berkeley College Virtual Lab Using Windows

Download/Install IDENTD

Windows 2003 Performance Monitor. System Monitor. Adding a counter

Lieberman Software Corporation Enterprise Random Password Manager

Important Notes for WinConnect Server VS Software Installation:

Aspera Connect Linux 32/64-bit. Document Version: 1

Information on Syslog For more information on syslog, see RFC Released: December 2006 Interoperability issues: None. Table 1: Syslog at a Glance

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

PIKA µfirewall Cloud Management Guide

SaaS Encryption Enablement for Customers, Domains and Users Quick Start Guide

NETWRIX EVENT LOG MANAGER

F-SECURE MESSAGING SECURITY GATEWAY

Cyclope Internet Filtering Proxy. - Installation Guide -

Integrating Barracuda Web Application Firewall

Transcription:

RSA Event Source Configuration Guide McAfee Database Security Last Modified: Sunday, April 29, 2012 Event Source (Device) Product Information Vendor McAfee Event Source (Device) Database Security Supported Versions 4.2 Additional Downloads server-custom.properties RSA Product Information Supported Version RSA envision 4.0 and 4.1 Event Source (Device) Type mcafeeds, 267 Collection Method Syslog Event Source (Device) Class.Subclass Security Application Firewall Content 2.0 Table Application Firewall This document contains the following information for the McAfee Database Security event source: Configuration Instructions Release Notes 20120429-082422 Release Notes 20120328-170659 Release Notes 20120305-123706 Release Notes 20120201-163743 Release Notes 20111031-165949 McAfee Database Security Configuration Instructions To configure McAfee Database Security, you must complete these tasks: I. Edit the McAfee Database Security Properties File II. Configure the Syslog Settings III. Configure System Messages Via Syslog IV. Configure System Rules Via Syslog Copyright 2012 EMC Corporation. All Rights Reserved.

RSA Event Source Edit the McAfee Database Security Properties File The security properties file specifies the log information for the RSA envision platform to capture. To edit the McAfee Database Security properties file: 1. Logon on to RSA SecurCare Online. 2. From the Browse by Product Family section, click RSA envision. 3. From the See Also section, click Device Configuration, and select RSA envision Device Configuration. 4. From the list of event sources, navigate to the McAfee Database Security event source, and download the server-custom.properties file. 5. Copy the string in the properties file that you downloaded from RSA SecurCare Online, and insert it into your server-custom.properties file, located in the conf folder where you installed McAfee Database Security. 6. Save and close your file. Note: Go to Step 5 in the "Configuring the Syslog Settings" section to verify if you correctly edited the properties file. Properties File Details The server-custom.properties file contains a log.format.body.custom entry. This entry lists the McAfee Database Security fields to include in the log file. McAfee provides the flexibility of limiting the size of each of its fields. It is possible to specify a maximum length for the field as follows: $fieldname:size$ where: fieldname is the name of the field size is the maximum length for that field For example, the following field information is in the server-custom.properties file: $rules.name:100$ This limits the rules.name field to 100 characters. RSA has limited several fields in this manner. It is recommended that you keep these limitations when you edit the server-custom.properties file and copy it to the McAfee Database Security properties file. 2 Edit the McAfee Database Security Properties File

RSA envision Event Source Configure the Syslog Settings To configure the McAfee Database Security Syslog settings: 2. In the navigation bar at the top, click System. 3. Click Interface > Syslog. 4. From the Syslog Configuration page, select Use Syslog and complete the fields follows: Field Host Action Enter the IP address of your RSA envision platform. Port Type 514. Transport From the drop-down list, select UDP. Maximum Packet Length Type 64. Facilities Format From the drop-down list, Local0. From the drop-down list, select Custom. Note: RSA envision only supports custom formats. If you select any other format, your messages will be undefined. 5. In the Alert Format Details section, ensure that the string is the same as the string that you added when you edited the McAfee Database Security properties file. Note: If you cannot find the string, ensure that you correctly completed the steps in the Edit the McAfee Database Security Properties File section. 6. Click Save. Configure the Syslog Settings 3

RSA Event Source Configure System Messages Via Syslog To configure system messages via Syslog: 2. In the navigation bar at the top, click System. 3. Click Messages > Configuration. 4. Ensure that Send system message to syslog is selected, and from the drop-down list, select any level except Trace or Debug. 5. Click Save. 4 Configure System Messages Via Syslog

RSA envision Event Source Configure System Rules Via Syslog To configure McAfee Database Security system rules via syslog: 2. In the navigation bar at the top, click Rules. 3. Depending on the type of rule that you want to edit, click vpatch Rules or Custom Rules. 4. Click the Edit icon of a rule. 5. In the Action section, ensure that Syslog is selected, and from the drop-down list, select any level except Trace or Debug. 6. Click Save. McAfee Database Security Release Notes (20120429-082422). McAfee Database Security Release Notes (20120328-170659) What's New in This Release RSA has updated the server properties file, server-custom.properties, for the McAfee Database Security event source. McAfee Database Security Release Notes (20120305-123706) McAfee Database Security Release Notes (20120201-163743) McAfee Database Security Release Notes (20111031-165949) What's New in This Release RSA has verified support for McAfee Database Security 4.2. Configure System Rules Via Syslog 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information