Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - ADAPTIVE LOG EXPORTER REV1 Manual page 72

70 C W
OLLECTING INDOWS
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
E L
VENT OGS
Note: You must install your devices to the default location. Therefore, do not
change the Install Location for your devices.
Click Finish.
h
The Feature Verification window appears.
Click Install All to install all chosen devices.
i
In the Adaptive Log Exporter, click the Devices tab.
Using your right mouse button (right-click) the Windows Event Log and select Add
Device.
A new instance of the device is created and the Properties panel appears.
In the Basic Configuration area, enter values for the parameters:
Name — Specify the name you wish to assign this device, composed only of
•
alphanumeric characters and the underscore (_).
Description — Specify a description for this device.
•
Device Address — Specify the IP address or the hostname of the Windows
•
system you wish to monitor.
In the Windows Event Log Configuration area, enter values for the parameters:
Application Log — Select the check box if you wish the device to monitor the
•
application log.
Security Log — Select the check box if you wish the device to monitor the
•
security log.
System Log — Select the check box if you wish the device to monitor the
•
system log.
In the Windows Event Log Remote System Configuration, clear the Remote
Machine check box so the device does not retrieve the logs from a remote system.
Repeat Step 4 to Step 7
STRM Adaptive Log Exporter
for each remote host you wish to monitor.