Table of Contents
Advertisement
Configuring data sources
Integrating Symantec Mail Security with Symantec Security Information Manager
Note: Although some of the Information Manager Event IDs are the same for
multiple events, the event descriptions and occasionally the severity is
different.
You must configure the following data sources on the Information Manager to
receive events from Symantec Mail Security for SMTP. You can add a new
sensor for each data source. Once you have configured these sources, you must
distribute the configuration to the Collector for it to take effect. For more
information, refer to the Symantec Security Information Manager
documentation.
Table C-1
Settings for Message statistics
Setting
Type:
Path for Linux/Solaris:
Path for Windows:
Filename:
Configure as:
Table C-2
Settings for Firewall statistics
Setting
Type:
Path for Linux/Solaris:
Path for Windows:
Filename:
Configure as:
Table C-3
Settings for Administrative and Definition Update statistics
Setting
Type:
Path for Linux/Solaris:
Interpreting events in the Information Manager
Value
Message stats
/opt/Symantec/SMSSMTP/scanner/stats/
c:\Program Files\Symantec\SMSSMTP\scanner\stats\
bmi_eng_stats
Monitor in Real Time
Value
Firewall stats
/opt/Symantec/SMSSMTP/scanner/stats/
c:\Program Files\Symantec\SMSSMTP\scanner\stats\
bmi_fw_stats
Monitor in Real Time
Value
Admin and Definition Update stats
/opt/Symantec/SMSSMTP/logs/tomcat/BMI_SESA/
Brightmail_SESA_Events.2
225
Advertisement
Table of Contents
Troubleshooting
