Overview Guide › Quick Start Deployment › Configure Syslog Event Sources

Configure Syslog Event Sources

To enable direct collection of syslog events by the default agent that exists on each CA User Activity Reporting Module server, you begin by identifying the syslog event sources from which you want to collect events and determining the associated integration. Then you do the following two things in either order.

• Configure the syslog event sources. Log on to each host where a syslog event source is running and configure it as documented in the connector guide for that syslog integration.
• Configure the syslog connector on the default agent to add the target syslog integrations associated with the configured event sources.

As soon as you complete this two-step configuration, event collection and refinement begins. Then, you can use CA User Activity Reporting Module to view or report on events you care about in a standardized format. You can also generate alerts when specific events occur.

To configure a selected syslog event source

1. Log on to the host with a target syslog event source.
2. Launch CA User Activity Reporting Module from a browser on this host.
3. Click the Administration tab and Log Collection subtab.

   The Log Collection Explorer appears.

4. Expand Event Refinement Library, Integrations, Subscription.

   The list of predefined integrations displays. An abbreviated example follows:

   

5. Select the integration for the event source you need to configure. For example, if you wanted to collect syslogs generated by an AIX operating system, you would select AIX_Syslog.

   The integration details appears.

   

6. Click the Help button located just above the Integration name on the right hand pane.

   The connector guide for the selected integration appears.

7. Click the section on the event source configuration requirements. In this example, the documentation describes how to configuring the AIX operating system event source to send its syslogs to CA User Activity Reporting Module.

   

Example--Alternative Source for Connector Guides: Support Online

You can open a selected connector guide from within the CA User Activity Reporting Module user interface or from CA Support Online. Following is an example that shows how to open a connector guide from this alternative source.

1. Log on to CA Support Online.
2. Select CA Enterprise Log Manager from the Select a Product page drop-down list.
3. Scroll to Product Status and select CA Enterprise Log Manager Certification Matrix.
4. Select Product Integration Matrix.
5. Find the category for the integration associated with the event source you are configuring. For example, if the event source is the AIX operating system, scroll to the Operating Systems category and click the AIX link.