Examples › Examples › CA Audit Interoperability

CA Audit Interoperability

Log Collection with a CA Audit Client

Problem:

CA Audit customers made significant investments deploying client components throughout the environment. Deploying new agents across the environment requires more investment in time and resources.

Solution:

The security analyst reconfigures CA Audit collection policies with the Policy Manager to forward logs from CA Audit clients directly to a CA Enterprise Log Manager server.

Log Collection with iRecorders

Problem:

Current CA Audit customers made significant investments deploying iRecorder components throughout the environment. Deploying new agents across the environment requires more investment in time and resources.

Solution:

The security analyst reconfigures iRecorders to forward logs from CA Audit clients directly to a CA Enterprise Log Manager server.

Log Collection with Mainframe Recorders

Problem:

Current CA Audit customers made significant investments deploying mainframe Recorder components throughout the environment. Deploying new components in the mainframe environment requires more investment in time and resources.

Solution:

The security analyst reconfigures the CA Top Secret Recorders (as a SAPI_Router destination) to forward logs directly to a CA Enterprise Log Manager server.

CA Audit Client and CA Enterprise Log Manager Agent Coexistence

Problem:

Current CA Audit customers made significant investments deploying Audit components throughout the environment, but need to migrate in phases to CA Enterprise Log Manager. Some applications such as Microsoft SQL Server require log collection from the underlying Windows operating system as well the Microsoft SQL Server database server application. The CA Audit client collects logs from Windows, but you also must install a CA Enterprise Log Manager agent to collect logs from Microsoft SQL Server during the phased migration.

Solution:

The security analyst installs the new CA Enterprise Log Manager Agent on a Windows Server 2003 that is already running an CA Audit Client to collect logs from Windows. This system is also running Microsoft SQL Server 2005, which is the first application planned for migration to the CA Enterprise Log Manager. He installs the agent on the same server with the CA Audit client, which allows CA Enterprise Log Manager to collect Windows log events from the client and Microsoft SQL Server events from the agent.

Data Migration from a CA Audit Database

Problem:

Current CA Audit customers need to run CA Enterprise Log Manager reports using data that has been previously collected and stored in the CA Audit collector database.

Solution:

The security analyst runs the CA Auditdatabase import utility to migrate previously collected data from SEOSDATA to the <CALM event log store. The CA Enterprise Log Manager reports can use this data immediately after data import.

Log Collection by a CA Audit Client with Static Ports

Problem:

Current CA Audit customers made significant investments deploying client components throughout the environment, and configuring them to use static network ports. Deploying new agents across the environment requires more investment in time and resources.

Solution:

The security analyst configures CA Enterprise Log Manager to communicate on the static ports that the clients were previously configured to use. The security analyst then reconfigures CA Audit collection policies with the Policy Manager to forward logs from CA Audit clients directly to CA Enterprise Log Manager.