Navigation:  Configuring EventSentry >

Event Log Consolidation

 Top  Previous  Next

In order to forward events log entries to a database you will need to create a new filter package (or use an existing one) and create a filter. A filter package is necessary since all filters need to be contained in filter packages, and the filter itself tells EventSentry which events to forward to the database.

 

Configure the filter itself according to your requirements (e.g. which logs and severities to forward to the database), but make sure that you add the ODBC target to the list of targets.

 

Alert or Warning 1 24 n g

In most cases one filter will be sufficient (e.g. when you consolidate all Audit Failures to the database), but you might have to create multiple filters if your requirements are more complex.

 

Please see Event Log Consolidation in the best practises guide for more information.