Re: Tivoli risk manger 4.2

Hi,

I got the PFSS application from Cisco and Iam getting the PIX logs in the
PFSS, I have also given the log path in the eventmonitor But still I am not
able to receive the PIX logs in the tec console.

Should we do any configuration  in the Tivoli desktop(Task library).

Could anyone of you help me on this.

Thanks and Regards,
Shias Abdul.

----- Original Message ----- 
From: "Alejandro de la Villa" 
<delavillaa-4CUfOcDCEfGH0oMTQjrRWA@xxxxxxxxxxxxxxxx>
To: <tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx>
Cc: <shias_abdul-g+YPLvpwk9QAvxtiuMwx3w@xxxxxxxxxxxxxxxx>
Sent: Friday, February 25, 2005 1:27 AM
Subject: Re: [tme10] Tivoli risk manger 4.2


> Are you using a standard syslog concentratod or did you get the PFSS
> application from Cisco? Running on Windows I would suggest you get PFSS
>
> If so. Are you getting Pix Events in the PFSS? If you are not getting Pix
> events in the PFSS (or equivalent) check the configuration in your Pix. If
> possible start a tcpdump, windump or other sniffer in order to check if
> data is coming from Pix.
>
> If you have one spare port in your Pix, it would be good to have it
> connected directly to your security network in exclusive form.
>
> By the way .. Did you set-up a security network for the communication
> between all the adapters en the Risk Manager ? It is safer to have the
> security data traffic private.
>
> Regards
>
> Alejandro de la Villa
> Technology Director
> Infotron SA
>
>
>
> > Hi David,
> >
> > Thanks to you I was able to download and install the HostIDS and it was
> > working perfectly.
> >
> > I have one problem now. I was trying to install the cisco pix firewall
> > adapter in a windows 2000 server machine and the installation went fine
> > but I am not able to receive any events form the syslog server.
> >
> > We have installed ciscoworks in the windows 2000 server and we are
> > trying to take the events from the syslog of the ciscoworks.  How do we
> > take the events from this machine.
> >
> > Could you help me in solving this.
> >
> > Thanks and Regards,
> > Shias Abdul
> >
> >   ----- Original Message -----
> >   From: David M Gordon
> >   To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
> >   Cc: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx ; 
> > tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
> >   Sent: Wednesday, February 23, 2005 7:28 PM
> >   Subject: Re: [tme10] Tivoli risk manger 4.2
> >
> >
> >
> >   Shias,
> >           The best way to install the host IDS adapter for windows on a
> > client would be to do the following:
> >   1.  Download the eventmonitor.tar file from
> >
ftp://ftp.software.ibm.com/software/tivoli_support/misc/Security/RiskManager/adapters/TRM4.2/
> >  2.  Download the winHIDS.zip file from the same location.
> >   3.  Source the risk manager environment
> >   4.  Untar the eventmonitor.tar file and run the launch.bat command  5.
> >  Select the typical configuration and then browse to the location
> > where you saved winHIDS.zip and then click next
> >
> >   Once the setup finished, you will have to restart your agent for the
> > changes to take place.  You should now have the host IDS adapter for
> > windows.
> >
> >   Thanks!
> >   -Dave
> >
> >
> >   David Gordon
> >   Tivoli Software Quality Assurance
> >
> >
> >
> >
> >         "Shias Abdul" <shias_abdul-lX4HsaoqK5cAvxtiuMwx3w@xxxxxxxxxxxxxxxx>
> >         Sent by: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
> >         02/23/2005 05:03 AM Please respond to
> >               tme10
> >
> >
> >        To <tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx>
> >               cc
> >               Subject [tme10] Tivoli risk manger 4.2
> >
> >
> >
> >
> >
> >
> >
> >   Hi All,
> >
> >   We have installed Tivoli Risk Manager 4.2 (Event Server
> > Configuration), DB2 8.1 database, TMF 4.1, TEC 3.9,  in a windows 2000
> > server machine.
> >
> >   We have installed Tivoli Risk Manager 4.2 client installation as well
> > but to configure the Host IDS we require a os_windows.xml file.
> >
> >   Could any of you help me to find the location where this file is
> > available.
> >
> >   Thanks and Regards,
> >   Shias Abdul
>
>
>