Implementation Guide › Configuring Event Collection › Configuring the Default Agent › Create a syslog Connector for the Default Agent
Create a syslog Connector for the Default Agent
Create a syslog connector to receive syslog events using the default agent on the CA User Activity Reporting Module server.
To create a syslog connector for the default agent
- Log into CA User Activity Reporting Module and access the Administration tab.
- Expand the Agent Explorer and an agent group.
The default agent is automatically installed into the Default Agent Group. You can move this agent to another group.
- Select the agent name.
The default agent has the same name you gave the CA User Activity Reporting Module server during installation.
- Click Create New Connector to open the connector wizard.
- Click the Listeners option and provide a name for this connector.
- Apply suppression rules, and suppression rules as needed in the second and third pages of the wizard.
- Select one or more targeted syslog integrations from the Available list to use with this connector, and move them to the Selected list.
- Set UDP and TCP port values, if you are not using the defaults, and provide a list of trusted hosts if your implementation uses them.
Note: When a CA User Activity Reporting Module agent does not run as root, it cannot open a port below 1024. The default syslog connector therefore uses UDP port 40514. The installation applies a firewall rule to the CA User Activity Reporting Module server to redirect traffic from port 514 through 40514.
- Select a time zone.
- Click Save and Close to finish the connector.
The connector begins collecting syslog events that match the selected integrations on the ports you specified.
Copyright © 2013 CA.
All rights reserved.
|
|