Symantec Critical System Protection
The JSA DSM for Symantec Critical System Protection can collect event logs from Symantec Critical System Protection systems.
The following table identifies the specifications for the Symantec Critical System Protection DSM.
Table 1: Symantec Critical System Protection DSM Specifications
Specification | Value |
|---|---|
Manufacturer | Symantec |
DSM Name | Critical System Protection |
RPM file name |
|
Supported versions | 5.1.1 |
Event format | DB Entries |
JSA recorded event types | All events from the ‘CSPEVENT_VW´ view |
Log source type in JSA UI | Symantec Critical System Protection |
Auto discovered? | No |
Includes identity? | No |
Includes custom properties | No |
For more information | Symantec Web Page (http://www.symantec.com/) |
To integrate Symantec Critical System Protection with JSA, complete the following steps:
If automatic updates are not enabled, download and install the most current version of the following RPMs on your JSA console:
Protocol-JDBC RPM
Symantec Critical System Protection RPM
For each Symantec Critical System Protection instance, configure Symantec Critical System Protection to enable communication with JSA.
Ensure that JSA can poll the database for events by using TCP port 1433 or the port that is configured for your log source. Protocol connections are often disabled on databases and extra configuration steps are required in certain situations to allow connections for event polling. Configure firewalls that are located between Symantec Critical System Protection and JSA to allow traffic for event polling.
If JSA does not automatically discover Symantec Critical System Protection, create a log source for each Symantec Critical System Protection instance on the JSA console. Use the following values for the required log source parameters:
Parameter
Description
Log Source Type
Symantec Critical System Protection
Protocol Configuration
JDBC
Database Type
MSDE
Instance
SCSP
Database Name
SCSPDB
Table Name
CSPEVENT_VW
Compare Field
EVENT_ID