Previous Topic: Copy the Event Import Utility to a Solaris Data Tools ServerNext Topic: Preview a CA Access Control Event Import


Create a SEOSDATA Event Report for CA Access Control Events

To determine whether an existing SEOSDATA table contains CA Access Control events, and to decide upon an import method, you should run an event report. The logname for CA Access Control events is eTrust Access Control. The report lists all events in the database separated by their log names. The easiest way to import CA Access Control events is to import them based on their log name.

To create an event report

  1. Create an event report so that you can see what CA Access Control events are present in the SEOSDATA table.
    LMSeosImport -dsn My_Audit_DSN -user sa -password sa -report
    

    After processing, the utility displays a report that resembles the following:

    Import started on Fri Jan  2 15:20:30 2009
    
    
    No transport specified, defaulting to SAPI...
    
    Preparing ODBC connections...
    
    Successfully attached to source [My_Audit_DSN]
    
    ---------- SEOSDATA Event Time Range ----------
    
    Minimum TIME = 2008-05-27
    Maximum TIME = 2009-01-02
    
    ---------- Event Count Per Log ----------
    
    Unix : 12804
    ACF2 : 1483
    eTrust AC : 143762
    com.ca.iTechnology.iSponsor : 66456
    NT-Application : 5270
    CISCO PIX Firewall : 5329
    MS IIS : 6765
    Netscape : 530
    RACF : 14
    Apache : 401
    N/A : 28222
    SNMP-recorder : 456
    Check Point FW-1 : 1057
    EiamSdk : 2790
    MS ISA : 609
    ORACLE : 2742
    eTrust PCM : 247
    NT-System : 680
    eTrust Audit : 513
    NT-Security : 14714
    CISCO Device : 41436
    SNORT : 1089
    
    ---------- SEOSDATA EntryID Range ----------
    
    
    Minimum ENTRYID : 1
    Maximum ENTRYID : 10000010243
    
    
    Report Completed.
    
    Successfully detached from source [My_Audit_DSN]
    
    Exiting Import...
    
  2. Review the report to ensure that events from CA Access Control are present.

    The boldface line in this report excerpt shows that there are CA Access Control events contained in this SEOSDATA table.

    ---------- Event Count Per Log ----------
    
    Unix : 12804
    ACF2 : 1483
    eTrust AC : 143762
    com.ca.iTechnology.iSponsor : 66456
    NT-Application : 5270
    ...