Sending Log Messages to an Event-Management Database
With this procedure, TLC queries the for log messages to be saved as Events in a specified (see How does Log-Message Normalization work?). To normalize each , TLC uses the Normalization Rules assigned to each Group containing the Asset that represents the message's Log Source (see Assigning Normalization Rules to Asset Groups), as well as any rules assigned to the Asset itself (see Table 48).
To send log messages from the Audit Logger to an Event-Management Database:
|
1.
|
In the side bar, select Events >. |
|
2.
|
In the Audit Logger, select the Query tab. |
|
3.
|
From the Output drop-down, select Database. |
TLC adds a Database drop-down to the Query Criteria tab.
|
4.
|
From the Database drop-down, select the Event-Management Database to which the log messages will be exported. |
Note
|
If you select the Clear check box, TLC will delete all Events in the selected database before importing the messages from the Audit Logger.
|
|
5.
|
Enter your other criteria for the query (see Table 75). |
When the process completes, click OK in the Information dialog.