What are Scanner Events?

If you have a supported scannerA device that monitors systems in your TLC environment (for example, a vulnerability scanner). in your TLC environmentConsists of all TLC software, Managers, Log Sources, Monitored Assets, Collectors, and data in your TLC installation. (i.e., a Tripwire VnE Manager, a Nessus vulnerabilityA potential security weakness identified by a vulnerability scanner. In an Event1. Either a log message that a Manager has standardized (i.e. normalized) for use by TLC (a.k.a. Normalized Messages), or an event or vulnerability imported from a scanner. 2. An 'event message' collected from a Log Source. Database, you can import or collect vulnerabilities detected by a scanner. scanner, or an Nmap security scanner), you can collect the scanner's data for use by TLC.

With any scanner, you can manually export data to a file(s), and then import the file to an Event DatabaseA type of Event-Management Database that stores Events from any Log SourceAny log-generating application, operating-system service, database instance, or device from which TLC collects log messages. and/or scanner.. To export scanner data, see:

Configuring an Nmap Security Scanner

Configuring a Tripwire VnE Manager

Configuring a Tenable Nessus Vulnerability Scanner

To import scanner data, see Importing Scanner Data to an Event Database.

You can also automate this process by defining a schedule for the collection of data from a scanner AssetA Log Source in your TLC environment. See Monitored Assets and Discovered Assets. (see Configuring a Monitored Asset with a File Collector).

When an event is imported from a scanner file to an Event Database, TLC:

In the TLC Console1. Tripwire Log Center Console is the software for the TLC graphic user interface (GUI), or 2. The Tripwire Log Center GUI. Through the TLC Console, you can configure TLC, oversee your TLC environment, and manage log and event data., you can then: