Activate /Deactivate IFS Log Detection
Once the administrator has added and configured all of the desired servers to participate in the SIEM message handling, you can proceed to the Activate IFS Log Detect section in order to Activate/Deactivate them for transmitting the information to the SIEM system. Use this section in order to activate the servers that were configured at the Work with IFS logs Auditing menu page.
To activate Audit IFS Logs (ACTAUIFSL), select 21. Activate from the IFS Logs screen (STRAUD > 15 > 21). The Activate Audit IFS Logs screen appears:
| Activate Audit IFS Logs (ACTAUIFSL) Type choices, press Enter. IFS Log Subject . . . . . . . . Name, generic*, *ALL Select Auto-start=Y only . . . . *NO *YES, *NO Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys . |
The body of the screen includes these fields:
IFS Log Subject
Choose which servers should send their messages to the SIEM system. The administrator can choose between a specific server (Name) and all enabled servers (*ALL).
Select Auto-start=Y only
If set to *YES, activate only the servers with that IFS Log Subject for which the Auto-Start field was set to "Y" on the Work with IFS Logs Definition screen.
NOTE: Only the enabled subject at the Control IFS Logs menu will be activated.
To deactivate Audit IFS Logs (DCTAUIFSL):
- Select 22. Deactivate from the IFS Logs screen (STRAUD > 15 > 22).
| Deactivate Audit IFS Logs (DCTAUIFSL) Type choices, press Enter. IFS Log Subject . . . . . . . . Name, generic*, *ALL Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys |
- Enter the log subject to deactivate or*ALL to deactivate all of them, then press Enter.