Event Log Management

Previous page
Table of content
Next page
 < Day Day Up > 

Event log management is performed from the Events menu. You can access two types of log management actions: event insertion tasks and auto-pruning tasks. The next sections describe both tasks.

Event Insertion Tasks

Event insertion tasks are how the CSA MC database controls how events are placed in the database and how events are purged when events at certain severity reach specified thresholds. You can select and configure the global event insertion task to fit your environment. By clicking the Event Insertion Task link, you are presented with the screen shown in Figure 8-16.

Figure 8-16. Global Event Insertion Tasks Tuning Page


The top of this page displays information from the current event log database. This information includes the number of events, a graphical representation of the types of event by severity, and links to filtered views of those event types.

The bottom half of the screen provides the tunable parameters for the global task insertion rules. The text boxes provide thresholds that relate to the different severity levels. Basically, if the number of events housed in the database exceed certain levels, new events of specified severities received by the CSA MC are not recorded. Insertion tasks guarantee that if a spike of events occurs, the most important events are given priority to the database.

Auto-Pruning Tasks

Whereas the global insertion parameters control whether new events are logged in the database, auto-pruning tasks control how the database removes old events to make room for the new tasks. To configure an auto-pruning task, click New from the Event Log Management screen. The configuration screen that appears has very few options that require configuration, as shown in Figure 8-17. The new task requires a name and description just as the other configurable options within the CSA MC. You also have a check box to state whether the task is enabled or disabled currently.

Figure 8-17. Auto-Pruning Configuration


Finally, you have the options related to which events should be removed. The two options here are Delete Events variable Day(s) Old and Matching the Following Event Set. These two parameters enable you to state how old the event must be before being purged, and enable you to apply an event set scope to which events should be purged. Just below the configuration options, you see a statement regarding whether this task has been run and when it has been run. Auto-pruning tasks are not scheduled manually but are run by the CSA MC typically at a time when the MC is least busy.

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Cisco Security Agent
    Cisco Security Agent
    ISBN: 1587052059
    EAN: 2147483647
    Year: 2005
    Pages: 145
    Authors: Chad Sullivan
    BUY ON AMAZON
    Project Management JumpStart
    CompTIA Project+ Study Guide: Exam PK0-003
    VBScript Programmers Reference
    Cisco CallManager Fundamentals (2nd Edition)
    Data Structures and Algorithms in Java
    Special Edition Using FileMaker 8
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy