Beruflich Dokumente
Kultur Dokumente
This document contains the following information for the Microsoft Internet Information Services
(IIS) event source:
l Configuration Instructions
Important: If you have already configured this event source as a monitored device, configure the event
source as a multi-device.
To configure Microsoft IIS to work with enVision, complete the following tasks:
I. Configure Microsoft IIS
II. Set Up the NIC SFTP Agent
III. Set Up the NIC File Reader Service
Note: You must select cs-method. All other selections are optional.
8. Click OK.
9. In the Log File Rollover section, select Schedule, and from the drop-down list, select Daily.
10. In the Actions pane, click Apply.
11. Repeat steps 1 through 10 for each service for which you want to manage logs. Substitute the other
services for the Sites folder in step 3.
7. Write down the directory shown in the Log file directory field at the bottom of the Logging
Properties window. You need this information when you set up the NIC FTP Agent or NIC SFTP
Agent.
8. On the Extended Properties tab, ensure that the following extended logging options are selected:
l Date
l Time
l All of the Extended Properties.
9. Click Apply.
10. In the Inheritance Override pop-up window, select cs-method and any other options that you want.
Repeat this for each Inheritance Override pop-up window that opens.
Note: You must select cs-method. All other selections are optional.
11. Click OK .
12. Repeat steps 1 through 12 for each network service for which you want to manage logs. Substitute
the other network services for the Web Site folder selected in step 3.
6. Click Apply.
7. In the Inheritance Override pop-up window, select cs-method and any other options that you want.
Repeat this for each Inheritance Override pop-up window that opens.
8. Click OK.
9. Repeat steps 1 through 8 for each server type for which you want to manage logs. Substitute the
server type name for the Web Sites tab selected in step 1.
Note: The SFTP sample file is available on RSA SecurCare Online (SCOL) and on the enVision
appliance. For details, see RSA enVision NIC SFTP Agent Configuration.
Note: If you are upgrading Microsoft IIS to content 2.0, ensure that the sftpagent.conf.microsoftiis file
directs logs to the new FTP file location. To do this, in the sftpagent.conf.microsoftiis file, you must
include _TVM_ before the IP address in the fileV.ftp parameter, for example, dir0.ftp=enVisionIP,nic_
sshd,publickey,IIS_TVM_IPaddress.
For instructions on installing the NIC SFTP Agent, see RSA enVision NIC SFTP Agent Configuration,
which is available on SecurCare Online..
Note: The support for Microsoft Internet Information Services raw log collection requires RSA enVision
4.0 Service Pack 3 and bug fixes (EBFs) ENV-35180 and ENV-35760-31341-29881-35627. For details,
contact RSA enVision Customer Support, at nic-support@rsa.com.
For complete details on new and updated messages, see the Event Source Update Help.