• No results found

Symantec Critical System Protection Agent Event Viewer Guide

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Symantec Critical System Protection Agent Event Viewer Guide"

Copied!
14
0
0

Loading.... (view fulltext now)

Download now ( 14 Page )

Full text

(1)

Symantec™ Critical System

(2)

Symantec™ Critical System Protection Agent Event

Viewer Guide

The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.

Documentation version 5.1

Legal Notice

Copyright ©2006 Symantec Corporation. All rights reserved.

Federal acquisitions: Commercial Software - Government Users Subject to Standard License Terms and Conditions.

Symantec, the Symantec Logo, Norton, Norton AntiVirus, and LiveUpdate are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH

DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

(3)

Technical Support

Symantec Technical Support maintains support centers globally. Technical Support’s primary role is to respond to specific queries about product feature and function, installation, and configuration. The Technical Support group also authors content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates.

Symantec’s maintenance offerings include the following:

■ A range of support options that give you the flexibility to select the right amount of service for any size organization

■ Telephone and Web-based support that provides rapid response and up-to-the-minute information

■ Upgrade insurance that delivers automatic software upgrade protection

■ Global support that is available 24 hours a day, 7 days a week worldwide. Support is provided in a variety of languages for those customers that are enrolled in the Platinum Support program

■ Advanced features, including Technical Account Management

For information about Symantec’s Maintenance Programs, you can visit our Web site at the following URL:

www.symantec.com/techsupp/ent/enterprise.html

Select your country or language under Global Support. The specific features that are available may vary based on the level of maintenance that was purchased and the specific product that you use.

Contacting Technical Support

Customers with a current maintenance agreement may access Technical Support information at the following URL:

www.symantec.com/techsupp/ent/enterprise.html Select your region or language under Global Support.

Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to recreate the problem.

When you contact Technical Support, please have the following information available:

■ Product release level

■ Hardware information

(4)

■ Operating system

■ Version and patch level

■ Network topology

■ Router, gateway, and IP address information

■ Problem description:

■ Error messages and log files

■ Troubleshooting that was performed before contacting Symantec ■ Recent software configuration changes and network changes

Licensing and registration

If your Symantec product requires registration or a license key, access our technical support Web page at the following URL:

www.symantec.com/techsupp/ent/enterprise.html.

Select your region or language under Global Support, and then select the Licensing and Registration page.

Customer service

Customer service information is available at the following URL: www.symantec.com/techsupp/ent/enterprise.html

Select your country or language under Global Support.

Customer Service is available to assist with the following types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information about product updates and upgrades

■ Information about upgrade insurance and maintenance contracts

■ Information about Symantec Value License Program

■ Advice about Symantec's technical support options

■ Nontechnical presales questions

■ Issues that are related to CD-ROMs or manuals

Maintenance agreement resources

If you want to contact Symantec regarding an existing maintenance agreement, please contact the maintenance agreement administration team for your region as follows:

■ Asia-Pacific and Japan: [email protected]

(5)

■ North America and Latin America: [email protected]

Additional enterprise services

Symantec offers a comprehensive set of services that allow you to maximize your investment in Symantec products and to develop your knowledge, expertise, and global insight, which enable you to manage your business risks proactively. Additional services that are available include the following:

To access more information about Enterprise Services, please visit our Web site at the following URL:

www.symantec.com

Select your country or language from the site index.

Symantec Early Warning Solutions

These solutions provide early warning of cyber attacks, comprehensive threat analysis, and countermeasures to prevent attacks before they occur.

Managed Security Services

These services remove the burden of managing and monitoring security devices and events, ensuring rapid response to real threats.

Consulting services Symantec Consulting Services provide on-site technical expertise from Symantec and its trusted partners. Symantec Consulting Services offer a variety of prepackaged and customizable options that include assessment, design, implementation, monitoring and management capabilities, each focused on establishing and maintaining the integrity and availability of your IT resources.

(6)
(7)

Contents

Technical Support

Chapter 1

Agent event viewer overview

About the agent event viewer ... 9

What you can do with the agent event viewer ... 10

Installing the software ... 10

Starting the agent event viewer ... 10

Chapter 2

Using the agent event viewer

Displaying events ... 13

Freezing and resuming scrolling ... 14

(8)
(9)

Chapter

1

Agent event viewer

overview

This chapter includes the following topics:

■ About the agent event viewer

■ What you can do with the agent event viewer

■ Installing the software

■ Starting the agent event viewer

About the agent event viewer

The Symantec™ Critical System Protection agent event viewer displays recent events that were reported by your Symantec Critical System Protection agent. Events are informative, notable, and critical activities that concern your computer and Symantec Critical System Protection.

(10)

10 Agent event viewer overview

What you can do with the agent event viewer

What you can do with the agent event viewer

You can use the agent event viewer to do the following:

■ Display events reported by your Symantec Critical System Protection agent.

■ Display event details for a selected event, including event priority, operation, process, process set, and process ID.

■ Freeze and resume scrolling in the agent event viewer window.

■ Copy events to the Windows clipboard, for pasting into a word processing or spreadsheet document.

Installing the software

The Symantec Critical System Protection agent event viewer runs on supported Windows operating systems. The agent event viewer is automatically installed when you install the Symantec Critical System Protection agent. No separate installation is required.

See the Symantec Critical System Protection Installation Guide for a list of supported Windows operating systems.

Starting the agent event viewer

You start the Symantec Critical System Protection agent event viewer from the Windows system tray.

To start the agent event viewer 1 Log on to your agent computer.

2 Click Start > Programs > Symantec Critical System Protection > Policy

Monitor.

(11)

11 Agent event viewer overview Starting the agent event viewer

(12)
(13)

Chapter

2

Using the agent event

viewer

This chapter includes the following topics:

■ Displaying events

■ Freezing and resuming scrolling

■ Copying events to the Windows clipboard

Displaying events

The Symantec Critical System Protection agent event viewer lets you display events by category.

Table 2-1 lists the categories of events that you can display with the agent event viewer.

Table 2-1 Event categories Event category Description

All events Display all prevention, detection, and management events. Prevention Display prevention events.

An agent’s prevention policy generates prevention events when applications access computer and network resources that violate the policy’s behavior control.

Detection Display detection events.

(14)

14 Using the agent event viewer Freezing and resuming scrolling

To display events

1 In the agent event viewer, click an event category. 2 To display event details, click View > Details.

Event details are shown in the bottom portion of the agent event viewer window.

Freezing and resuming scrolling

The Freeze command lets you temporarily halt scrolling in the agent event viewer window, so that you can study the events.

To freeze and resume scrolling

1 In the event viewer, click View > Freeze.

2 When you are ready to resume scrolling, click View > Resume.

Copying events to the Windows clipboard

You can copy events to the Windows clipboard, and then paste the contents of the clipboard into a word processing or spreadsheet document.

To copy events to the Windows clipboard

1 In the agent event viewer, select one or more events. Press and hold the Ctrl key to select multiple events. 2 Click Edit > Copy to copy the events to the clipboard.

Management Display management events.

An agent records management events that are related to the agent’s configuration and communication status.

Profile Display profile events.

An agent’s prevention policy generates profile events when a process is profiled.

References

Download now ( PDF - 14 Page - 176.31 KB )

Related documents

Cache-partitioned hash table with LRU eviction

In this thesis we introduce CPHASH - a scalable fixed size hash table that supports eviction using an LRU list, and CPSERVER - a scalable in memory key/value

DHL Data Mining Project. Customer Segmentation with Clustering

Clusters and cluster groupings have a low variability when it comes to sizing using different attributes i.e local revenue and billed weight. For almost all the cluster

The Role of Local Retailers’ Association in the Sustainable Development of a Historical Commercial District

Legal restrictions about the conservation and revitalization of historical commercial districts, only including the ones in Istanbul, Kayseri and Bursa, had first defined in 1977

Practical Plumbing Engineering Design Vol 3 2004

(1) Groundwater monitoring, (2) Vapor monitoring, (3) Secondary containment with interstitial monitoring, (4) Automatic tank gauging, (5) Tank tightness testing with inventory

Symantec Security Information Manager Administrator Guide

To collect logs from a proprietary application, first download and install the universal collectors on the computer on which Symantec Event Agent is installed. See “About

Symantec Event Collectors Integration Guide for Symantec Security Information Manager 4.7

Note: If you install a collector on a computer that runs Windows 7, Windows Vista, or Windows Server 2008, you must adhere to the following conditions: You must use Symantec Event

Hands-On Microsoft Windows Server 2008

• All of the event logs in Event Viewer have a filter option to help you quickly locate a problem • The events can be filtered on the basis of the.

Adaptec Event Monitor Utility. User s Guide

The Adaptec Event Monitor logs events to the Windows Event Viewer (the operating system event logging utility) and to the Event Monitor log files. The log files are available at