You can achieve a simple, functioning CA User Activity Reporting Module deployment with one soft appliance. The predefined syslog connector makes it possible for the default agent to receive generated syslog events. All you need to do is configure your syslog sources to push syslog events to CA User Activity Reporting Module and edit the syslog connector configuration to identify the syslog targets. What is received depends on the bandwidth between the server and the syslog sources and latency.
Log sensors, including WinRM and ODBC, support direct log collection from over twenty non-syslog event sources. The WinRM log sensor lets you collect events directly from servers running Windows operating systems, such as Forefront Security for Exchange server, Forefront Security for SharePoint Server, Microsoft Office Communication Server, and Hyper-V virtual server and services such as Active Directory Certificate Services. The ODBC log sensor lets you capture events generated by Oracle9i or SQL Server 2005 databases. For details, see the CA Enterprise Log Manager Product Integration Matrix.
You need EiamAdmin credentials to install CA User Activity Reporting Module. As the EiamAdmin superuser, you configure an Administrator account which you use to do the configuration. If you log on with the Administrator credentials, you can verify that the setup is functioning by viewing self-monitoring events.
|
Copyright © 2013 CA.
All rights reserved.
|
|