セキュリティイベント収集の規則

Microsoft.FEP.CollectSecurityEventsRule (Rule)

Element properties:

Target	Microsoft.FEP.ProtectedServer
Category	EventCollection
Enabled	True
Alert Generate	False
Remotable	True

Member Modules:

ID	Module Type	TypeId	RunAs
EventsDS	DataSource	Microsoft.FEP.ProtectedServer.CollectSecurityEventsDS	Default
WriteToDB	WriteAction	Microsoft.SystemCenter.CollectEvent	Default
WriteToDW	WriteAction	Microsoft.SystemCenter.DataWarehouse.PublishEventData	Default

Source Code:

<Rule ID="Microsoft.FEP.CollectSecurityEventsRule" Enabled="true" Target="FEPLibrary!Microsoft.FEP.ProtectedServer" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="EventsDS" TypeID="FEPLibrary!Microsoft.FEP.ProtectedServer.CollectSecurityEventsDS"/>

  </DataSources>

  <WriteActions>

    <WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>

    <WriteAction ID="WriteToDW" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>

  </WriteActions>

</Rule>

セキュリティ イベント収集の規則

Microsoft.FEP.CollectSecurityEventsRule (Rule)

Element properties:

Member Modules:

Source Code:

セキュリティイベント収集の規則