Plugin

Enable imports from VMS: Enable/Disable from VMS client

​

VMS file path: HP VMS machines generate their logs on preformatted files, in the machines it will be necessary

to orient these files on a specific folder, here we will indicate the folder to the program that will be used to take the files and interpret them within the program.

​

Enable AS400 imports: Enable/Disable AS400 import.

​

AS400 Print File Path: Log acquisition from AS400 systems occurs via a DSPLOG command schedule that

prints the internal system logs to a PRT configured to print to a text file.

The path must point to a folder where these files are stored.

(it is best to have an AS400 system administrator follow up)

​

Additional AS400 servers: it is possible to configure up to two servers.

For each server, a custom name can be defined (if not specified, “AS400” will be assigned by default) and a dedicated folder for saving the logs can be set.

The machine name is automatically added to the machine list upon the first access log.

Activate BusinessLog RT Server: Enable or disable acquisition from BusinessLog RT.

​
RT port: The TCP port used by RT clients (default 22422).

Transfer Rate RT: The bandwidth used for the transfer rate of RT files through TCP.

FileMaker Path:  Enabling the option and specifying a path will capture the logs produced by FileMaker.

Enable SQL Audit: Enable acquisition from files exported by the Sql Server audit system.

​

CVE: the plug-in allows you to define the criteria used by the system to analyze known vulnerabilities (CVE) downloaded from the NIST/MITRE databases, enabling you to filter only the most relevant ones.

The Minimum Score parameter sets the CVSS threshold to be considered, including in the analysis only vulnerabilities with a score equal to or higher than the selected value.

The Recent Days parameter instead limits the check to vulnerabilities published within the specified time frame, allowing you to focus on the most recent ones and avoid an excessive number of results.

Activate Server: Enabling the server activates listening on UDP port 514. It will be necessary to enable the respective clients on the machines and devices concerned, pointing to the IP of this machine as Syslog Server.