Monitor Log Sources
Using the Log Source Monitoring feature, you can monitor log sources on the Exabeam Security Operations Platform and get notified of any issues, so that you do not miss timely detections and potential attack alerts.
In addition to timely monitoring of each log source, the Log Source Monitoring feature provides you with:
- Notifications when a designated log source becomes inactive and stops transmitting logs
- Data alerting when an issue occurs, and proactive monitoring techniques applied at the log source level
- The capability to view silent log source cases in the last 24 hours
The following table describes each field displayed on the Log Sources tab. For each Collector instance, you can view the following information.
Field | Description |
---|---|
Host | The source host or virtual machine from which the log data is delivered. |
Collector Type | Type of the Collector: Windows Event Log, File, or Archive. |
Template | Name of the template that you used for your Collector instance. |
Last Day Volume | The volume of raw log data or event logs from Windows Event Log collector, Windows File collector, Linux File collector, Windows Archive collector, and Linux Archive collector, for the last 24 hours. |
Last Seen | The time when the log source last sent logs. |
Status | The current status of the log source: Running, Silent, or Deleted. |
View Details | Detailed status information for the collector and error history for troubleshooting. |