You would like to know what type of collection a Symantec Security Information Manager collector does
Article ID: 152743

Products

Security Information Manager

Issue/Introduction

You have been notified that an update addresses a component used by multiple collectors, and you want to know whether you need to apply the update to each one.

Resolution

You may not need to run LiveUpdate for each collector you have installed that sends events to a single agent. If the collectors share the same type of collection, you only need to update once and all of those collectors will be updated. Steps to run LiveUpdate are at the end of this document.

 

Below is a list of collectors and the type of collection (such as syslog or logfile) that each collector performs.

 

| SSIM Version | Collector Name | Collector Version | Type of Collection | UCF version |
|---|---|---|---|---|
| 4.5 | Sun Solaris BSM Event Collector | 4.2 | BSM (Syslog based) | 2.03 |
| 4.5 | CA Antivirus Event Collector | 4.2 | CA Antivirus Sensor | 2 |
| 4.5 | eEye REM Event Collector | 4.3 | DB | 2.09 |
| 4.5 | McAfee ePO Event Collector | 4.3 | DB | 2.09 |
| 4.5 | Mazu Event Collector | 4.2 | DB | 2.09 |
| 4.5 | Sygate Collector | 4.2 | DB | 2.09 |
| 4.5 | Symantec Critical System Protection Event Collector | 4.2 | DB | 2.07 |
| 4.5 | Symantec ESM Event Collector | 4.2 | DB | 2.04 |
| 4.5 | Oracle 9i Event Collector | 4.2 | DB | 2.04 |
| 4.5 | Oracle 10g Event Collector | 4.2 | DB | 2.05 |
| 4.5 | CyberWolf Event Collector | 4.2 | DB | 2.05 |
| 4.5 | ISS SiteProtector Event Collector | 4.2 | DB | 2.04 |
| 4.5 | Snort MySQL Event Collector | 4.2 | DB | 2.09 |
| 4.5 | Symantec Database Security Event Collector | 4.2 | DB | 2.09 |
| 4.5 | Tripwire Enterprise Event Collector | 4.2 | DB | 2.09 |
| 4.5 | WholeSecurity Collector | 4.2 | DB | 2.07 |
| 4.5 | Microsoft ISA Firewall (DB) Event Collector | 3.7 | DB | 2.04 |
| 4.5 | Microsoft ISA WebProxy (DB) Event Collector | 3.7 | DB | 2.04 |
| 4.5 | Tandem Event Collector | 3.7 | DB | 2.03 |
| 4.5 | Cisco IDS Collector | 4.2 | IDS | 2.03 |
| 4.5 | Symantec Control Compliance Suite Event Collector | 4.2 | Log | 2.04 |
| 4.5 | Enterasys Dragon Event Collector | 4.2 | LogFile | 2 |
| 4.5 | Microsoft IAS Event Collector | 4.2 | LogFile | 2.22 |
| 4.5 | Microsoft ISA Event Collector | 4.2 | LogFile | 2.22 |
| 4.5 | Microsoft SQL Server 2000 Event Collector | 4.2 | LogFile | 2.05 |
| 4.5 | Microsoft SQL Server 2005 Event Collector | 4.2 | LogFile | 2.02 |
| 4.5 | Nessus Event Collector | 4.2 | LogFile | 2 |
| 4.5 | Sophos AV Event Collector | 4.2 | LogFile | 2.02 |
| 4.5 | Apache Event Collector | 3.7 | LogFile | 2 |
| 4.5 | Kiwi Syslog Daemon Event Collector | 3.7 | LogFile | 2 |
| 4.5 | Microsoft Windows DHCP Server Event Collector | 3.7 | LogFile | 2 |
| 4.5 | Microsoft Windows Firewall Event Collector | 3.7 | LogFile | 2 |
| 4.5 | Symantec Intruder Alert Event Collector | 3.7 | LogFile | 2 |
| 4.5 | nCircle Event Collector | 4.2 | nCircle | 2.01 |
| 4.5 | Check Point FireWall-1 Event Collector | 4.2 | OPSEC | 2.04 |
| 4.5 | QualysGuard Event Collector | 4.2 | Qualys (xml base) | 2.22 |
| 4.5 | Snare for Windows Event Collector | 4.3 | Syslog | 2.07 |
| 4.5 | Syslog Director | 4.2 | Syslog | 2.03 |
| 4.5 | Cisco PIX Event Collector | 4.2 | Syslog | 2.03 |
| 4.5 | UNIX Syslog Event Collector | 4.2 | Syslog | 2.04 |
| 4.5 | Generic Syslog Event Collector | 4.2 | Syslog | 2.03 |
| 4.5 | Juniper NetScreen Firewall Event Collector | 4.2 | Syslog | 2.03 |
| 4.5 | Juniper NSM 4.x Event Collector | 4.2 | Syslog | 2.03 |
| 4.5 | Radware DefensePro Event Collector | 4.2 | Syslog | 2.05 |
| 4.5 | Sidewinder G2 Event Collector | 4.2 | Syslog | 2.06 |
| 4.5 | Snort Syslog Event Collector | 4.2 | Syslog | 2.03 |
| 4.5 | Cisco IOS Event Collector | 3.7 | Syslog | 2.04 |
| 4.5 | Cisco(R) VPN Concentrator Event Collector | 3.7 | Syslog | 2.04 |
| 4.5 | Juniper VPN Event Collector | 3.7 | Syslog | 2.03 |
| 4.5 | McAfee Intrushield Manager Event Collector | 3.7 | Syslog | 2.04 |
| 4.5 | TippingPoint NIPS Collector | 3.7 | Syslog | 2.03 |
| 4.5 | Linux Debian OS Event Collector | 4.2 | Syslogfile | 2.03 |
| 4.5 | Linux IP Tables Event Collector | 4.2 | Syslogfile | 2.03 |
| 4.5 | Linux OS Event Collector | 4.2 | Syslogfile | 2.06 |
| 4.5 | PassGo UPM Event Collector | 4.2 | Syslogfile | 2.05 |
| 4.5 | Snort Event Collector | 4.2 | Syslogfile | 2.03 |
| 4.5 | Solaris OS Event Collector | 4.2 | Syslogfile | 2.03 |
| 4.5 | Linux(R) Debian OS Event Collector | 3.7 | Syslogfile | 2.03 |
| 4.5 | SUSE Linux Syslog Event Collector | 3.7 | Syslogfile | 2.01 |
| 4.5 | Microsoft Windows Event Collector | 4.2 | Windows Event Log | 2.03 |
| 4.5 | Microsoft Active Directory Event Collector | 3.7 | Windows Event Log | 2.02 |
| 4.5 | RSA SecurID Event Collector | 3.7 | Windows Event Log | 2.03 |

 

| SSIM Version | Collector Name | Collector Version | Type of Collection | UCF version |
|---|---|---|---|---|
| 4.0x | Sun Solaris BSM Event Collector | 3.5 | BSM (Syslog based) | 2.01 |
| 4.0x | ISS SiteProtector Event Collector | 3.5 | DB | 2.03 |
| 4.0x | Snort MySQL Event Collector | 3.7 | DB | 2.05 |
| 4.0x | Cisco Security Agent Event Collector | 3.6 | DB | 2.03 |
| 4.0x | Trend Micro Control Manager Event Collector | 3.6 | DB | 2.03 |
| 4.0x | Blue Lance LT Auditor | 3.5 | DB | 2.01 |
| 4.0x | Microsoft Operating Manager Event Collector | 3.5 | DB | 2.01 |
| 4.0x | Symantec Critical System Protection Event Collector | 3.6 | DB | 2.03 |
| 4.0x | Tandem Event Collector | 3.6 | DB | 2.03 |
| 4.0x | CyberWolf Event Collector 4.0 | 3.5 | DB | 2.05 |
| 4.0x | Symantec ESM Event Collector | 3.5 | DB | 2.01 |
| 4.0x | Cisco Netflow Event Collector | 3.7 | Flow | 2 |
| 4.0.x | SE Linux Event Collector | 3.6 | Log | 2.03 |
| 4.0x | BlueCoat Proxy Event Collector | 3.6 | Log | 2.04 |
| 4.0x | Cisco Secure Access Control Server Event Collector | 3.6 | Log | 2.03 |
| 4.0x | Phion Netfence Event Collector | 3.6 | Log | 2.04 |
| 4.0x | Sun Java System Web Server Collector | 3.6 | Log | 2.03 |
| 4.0x | Bindview Collector | 3.5 | Log | 2.03 |
| 4.0x | Symantec Mail Security for SMTP Event Collector (4.1) | 3.5 | Log | 2.03 |
| 4.0x | Nessus Event Collector | 4 | Log | 2.02 |
| 4.0x | Enterasys Dragon Event Collector | 4 | Log | 2.01 |
| 4.0x | Microsoft ISA 2004 Proxy Server Event Collector | 3.6 | Log | 2.04 |
| 4.0x | Microsoft SQL Server 2005 Event Collector | 3.6 | Log | 2.04 |
| 4.0x | PassGo UPM Event Collector | 3.6 | Log | 2.01 |
| 4.0x | Symantec Intruder Alert Event Collector | 3.6 | Log | 2.04 |
| 4.0x | Apache Event Collector | 3.5 | Log | 2.03 |
| 4.0x | eEye Retina Event Collector | 3.5 | Log | 2.02 |
| 4.0x | Microsoft ISA Event Collector | 3.5 | Log | 2.03 |
| 4.0x | Microsoft IIS Event Collector | 3.6 | LogFile | 2.05 |
| 4.0x | Fox Server Control Event Collector | 3.5 | LogFile | 2 |
| 4.0x | Microsoft SQL Server 2000 Event Collector | 3.5 | LogFile | 2.05 |
| 4.0x | nCircle Event Collector | 3.5 | nCircle | 2.01 |
| 4.0x | Check Point FireWall-1 Event Collector | 3.5 | OPSEC | 2.01 |
| 4.0x | QualysGuard Event Collector | 3.5 | Qualys (xml base) | 2.01 |
| 4.0x | SunScreen Event Collector | 3.5 | Sunscreen | 2.04 |
| 4.0x | ForeScout CounterAct Event Collector | 3.6 | Syslog | 2.03 |
| 4.0x | McAfee Secure Web Gateway Event Collector | 3.6 | Syslog | 2.02 |
| 4.0x | StoneSoft StoneGate Collector | 3.6 | Syslog | 2.02 |
| 4.0x | CyberGuard Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | Fortinet Event Collector | 3.5 | Syslog | 2.05 |
| 4.0x | Nortel Contivity Event Collector | 3.5 | Syslog | 2.02 |
| 4.0x | Cisco VPN Concentrator Event Collector | 3.6 | Syslog | 2.02 |
| 4.0x | TippingPoint NIPS Event Collector | 3.6 | Syslog | 2 |
| 4.0x | WholeSecurity Event Collector | 3.6 | Syslog | 2.03 |
| 4.0x | Cisco IOS Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | Cisco PIX Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | Juniper IDP Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | Juniper NetScreen Firewall Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | Juniper VPN Event Collector | 3.5 | Syslog | 2.01 |
| 4.0x | McAfee Intrushield Manager Event Collector | 3.5 | Syslog | 2.02 |
| 4.0x | Sygate Enterprise Protection Event Collector | 3.5 | Syslog | 2.02 |
| 4.0x | Linux IP Tables Event Collector | 3.6 | Syslogfile | 2.02 |
| 4.0x | IBM AIX Event Collector | 3.5 | Syslogfile | 2.02 |
| 4.0x | Linux OS Event Collector | 4 | Syslogfile | 2.02 |
| 4.0x | Solaris OS Event Collector | 4 | Syslogfile | 2.02 |
| 4.0x | HP-UX Collector | 3.6 | Syslogfile | 2.02 |
| 4.0x | SUSE Linux Syslog Event Collector | 3.5 | Syslogfile | 2.01 |
| 4.0x | Microsoft Windows Event Collector | 4.1 | Windows Event Log | 2.03 |
| 4.0x | RSA SecurID Event Collector | 3.6 | Windows Event Log | 2.03 |

 

 

| Collector Name | Collector Version | Type of Collection | UCF version |
|---|---|---|---|
| Trend Micro Control Manager for Virus Incidents | 3.5 | DB | 2 |
| Trend Micro Control Manager for Vulnerability | 3.5 | DB | 2 |

 

  • To run Java LiveUpdate on the Symantec Security Information Manager:

Log in to the web configuration page for SSIM, select LiveUpdate from the list on the left side of the page, and click the Update button. This will update any on-box collectors and SSIM components that have updates available.

  • To run Java LiveUpdate on Windows:

1. Execute runliveupdate.bat from the collector folder:

C:\Program Files\Symantec\SESA\Agent\collectors\collector_name\runliveupdate.bat

  • To run Java LiveUpdate on Linux or Unix:

1. Execute runliveupdate.sh from the collector folder:

/opt/Symantec/sesa/Agent/collectors/collector_name/runliveupdate.sh

Note: If the Agent and Collector are installed to a different location, please modify the paths in the commands listed above.

Note: The installer will automatically stop and restart services, as necessary.

The following collectors cannot be updated with Java LiveUpdate.

 

| Collector Name | Collector Version | Type of Collection |
|---|---|---|
| SMS for Exchange v4.6 | | SESA Legacy Collector |
| Symantec Gateway Security 5600 | | SESA Legacy Collector |
| HIDS 4.1.0 | | SESA Legacy Collector |
| SNS 7100 | | SESA Legacy Collector |
| SEMAV 2.1.2 | | SESA Legacy Collector |
| SMS for Domino V5.0 | | SESA Legacy Collector |