7
C
D
Cisco Security Agents (CSA) provides security to your deployment to defend
against the spread of attacks across networks and systems. These CSA devices
enforce a set of policies provided by the Management Center (MC) for CSA
devices and selectively applied to system nodes by the network administrator.
This chapter provides information on configuring your CSA device using the
Adaptive Log Exporter. For information on adding or managing a device, see
Chapter 4 Managing
Enter values the following parameters:
•
•
Note: This file data is encoded in UTF-8 format. Entry fields are separated by a
comma. Event entries are separated by a carriage return/line feed (ASCII Hex 0D
0A). Once a log file exceeds 1 MB, the file is closed and the file name is suffixed
ONFIGURING THE
EVICE
Devices.
Root Log Directory — Specify the location of the CSA MC alert log files. By
default, the CSA alert log files are located in the
Log Filename — Specify the name of the active alert log file. The CSA MC can
generate a flat logging file to which events are written with a name of your
choosing.
STRM Adaptive Log Exporter
C
CSA
ISCO
C:\alerts\
directory