About Universal Event Collectors

Universal Event Collectors let you collect events from a point product when a Symantec Event Collector is not available for that point product. You define a custom event parsing definition so that Information Manager can interpret the events.

You configure a Universal collector like you configure all other collectors: by creating a sensor configuration and defining sensor properties. You then set up a custom event parsing definition.

The following Universal Event Collectors are available:

• Universal LogFile Event Collector

  Collects events from products that log to text files.

• Universal Syslog Event Collector

  Collects events from products that log events by using the Syslog protocol.

• Universal Event Collector for Microsoft Windows

  Collects events from Microsoft Windows event logs.

• Universal Event Collector for Microsoft Windows Vista

  Collects events from Microsoft Windows Vista, Windows Server 2008, and Windows 7 event logs.

For detailed information on installation and configuration, see the Symantec™ Universal Event Collectors 4.4 for Symantec Security Information Manager 4.7 Implementation Guide.