Your Tripwire Log Center Manager software runs as a service and controls several components of the local Manager, including the Manager's Audit Logger, Task Scheduler, Normalization Engine, and Correlation Engine. You configure the TLC Manager service in the TLC Manager Interface.
|
Tip |
With the command-line tool, you can perform all functions available in the TLC Manager Interface, along with a few additional debugging commands. To run the command-line tool, enter the following command at a command line: Tlc.LogManager.Cli.exe |
|---|
To work with the TLC Manager Interface:
| 1. | On the TLC Manager host system, select Start > Programs > Tripwire Log Center > Manager. |
The TLC Manager Interface opens (see Figure 51).
| 2. | As needed, make your changes in the TLC Manager Interface. |
Table 71 describes the available options in the menu bar.
Table 72 describes each option available in the side bar.
| 3. | To close the TLC Manager Interface, select File > Save and Exit. |
Figure 51. TLC Manager Interface
|
Menu |
Description |
|---|---|
|
File |
Save. Saves the current settings in the TLC Manager Interface. Save and Exit. Saves the current settings and closes the user session. Note: To save the current settings, you should first stop the TLC Manager Service in the Status page (see Table 72), save the settings, and then re-start the service. Exit Without Saving. Closes the user session without saving any changes made since the last time the settings were saved. |
|
Options |
Clear Displayed Logs. Select this option to remove the log messages presented in the Status page (see Table 72). (This option is only available if the Status option is selected in the side bar.) Reset a Password. To reset the password for a TLC User Account: 1. Select Options > Reset a Password. 2. In the Reset Password dialog, enter the Reset Code, the Username for the account, and the new Password. For password requirements, see Password . Note: To acquire a Reset Code, contact Tripwire Support. |
|
Help |
About. Opens a dialog with your Serial Number and the TLC Manager version number. |
|
Option |
Description |
|---|---|
|
Status |
Manager service status. Indicates if the TLC Manager service is currently running. Scroll log messages. If the TLC Manager service is running and this option is enabled, TLC presents log messages as they are generated by the service. To start the service, click Start. To stop the service, click Stop. To restart the service, click Restart. |
|
Database Settings |
General tab: Database type. Your Event-Management Database software. Use Windows authentication. Enables Windows authentication. Username. The user account with which TLC accesses your Event-Management Database software. Password. The password for the user account. To defragment your default Event-Management Database, click Defragment Primary Database. Security Settings tab: (Optional) If your Event-Management Database software is MySQL Server, you can enable secure connections for communications between your Primary Manager and Event-Management Database software by selecting SSH from the Protocol drop-down and configure the following settings: Username. The user account with which TLC accesses your Event-Management Database software. Password. The password for the user account. Host. The IP address or host name of the system on which you installed your Event-Management Database software (i.e. your Database-software host). Port. The SSH port on your Database-software host by which your Primary Manager will communicate with the database software. |
|
Manager Settings |
Primary Manager IP address. The IP address of the Primary Manager. Primary Manager port. For a Secondary Manager, this field indicates the port with which the TLC Manager service communicates with your Primary Manager. Change Manager Type. Changes the Manager to a Primary or Secondary Manager (see Promoting a Secondary Manager). Download License File. If the Manager is your Primary Manager, this button opens a wizard to replace the existing TLC Manager license file with a new license file (see Managing your TLC License). Deactivate License. This button deactivates the existing TLC Manager license file so it can be moved to a new machine. |
|
Log Settings |
To change the directory in which the Manager's log messages are saved, click Browse. |
|
Communication Settings |
Configures settings for communications between the TLC Manager service and: Other TLC systems (i.e. other Managers and TLC Consoles) Windows Log Sources Communications port. The port used by the TLC Manager service for communications. Manager name. The name of the Manager as defined in the TLC Console (see Working with Managers). Certificate store. The certificate store containing the certificate used for communications with other TLC systems (see Configuring your Manager's SSL Certificate). Certificate name. The name of the certificate. To create a new certificate for the Manager, click Create Certificate. To assign another existing certificate to the Manager, click Find Certificate. Notes: To communicate with the Manager, other TLC systems must specify the IP address or host name in the certificate name. For example, if the certificate's name is CN=secmon01.mycompany.com, other systems must use secmon01.mycompany.com to connect to the manager (and not the Manager's IP address). |
|
Service Settings |
Defines the user credentials with which the TLC Manager service authenticates when communicating with Windows Log Sources (see Assigning a User Account to the TLC Manager Service). |
|
Configured Modules |
Lists the enabled modules in the Installed Modules tab of the Manager's properties dialog (see Working with Managers). |