Table of Contents
Advertisement
226
M
ICROSOFT
Step 7
Step 8
Microsoft System
Center Operations
Manager
NOTE
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Click Save.
On the Admin tab, click Deploy Changes.
For more information on configuring log sources, see the Log Sources User Guide.
A SIEM Microsoft System Center Operations Manager (SCOM) DSM accepts
SCOM events by polling the OperationsManager database allowing SIEM to
record the relevant events.
Before you configure SIEM to integrate with the Microsoft SCOM, you must ensure
a database user account is configured with appropriate permissions to access the
SCOM OperationsManager SQL Server database. The appropriate authentication
mode may need to be enabled in the Security settings of the SQL Server
properties. For more information, please see your Microsoft SCOM documentation.
Ensure that no firewall rules are blocking the communication between SIEM and
the SQL Server database associated with SCOM. For SCOM installations that
use a separate, dedicated computer for the SQL Server database, the EventView
view is queried on the database system, not the system running SCOM.
To configure SIEM to receive SCOM events:
Click the Admin tab.
On the navigation menu, click Data Sources.
The Data Sources panel is displayed.
Click the Log Sources icon.
The Log Sources window is displayed.
From the Log Source Type drop-down list box, select Microsoft SCOM.
From the Protocol Configuration drop-down list box, select JDBC.
The JDBC protocol is displayed.
Configure the following values:
Configuring DSMs
Advertisement
Table of Contents
