Audit Collection Admin™

Fully leverage the Audit Collection Service (ACS) and optimize your auditing infrastructure. Using the Audit Collection Admin™ and the ACS Health MP, you can easily manage ACS via a centralized graphical console, improve ACS health monitoring and simplify capacity and performance planning activities for Forwarders, Collectors and your Audit Database.

The Admin and the Health MP combine experience from hundreds of ACS deployments into an easy to use, comprehensive solution that’s fully integrated with the Operations Manager console. Manage your ACS environment with confidence and ease administrative overhead while improving infrastructure health and performance.

Solution Resources

Solution Features

ACS Configuration

The Audit Collection Admin gathers configuration data on a routine basis from the local registry, the adtAdmin command and SQL server.

Collector Discovery

Collector
1) AdtAgent Port
2) Backoff Threshold
3) Convert Time Stamps to Local Time
4) Database Schema Version
5) Database Queue Query
6) Default Group
7) Disconnect Threshold
8) ODBC Connection
9) Perform Index Maintenance
10) Partition Switch Offset
11) Partition Interval
12) Partitions to Keep
Database
1) Database Name
2) Database Size
3) Database Free Space
4) Database Used Space
5) SQL Server Name
6) Total Partitions
7) Total Partitions InTransition
8) Total Partitions InActive
Database Partitions
1) Parition ID
2) Status
3) Start Time
4) Close Time
5) Row Count
6) Data Size (MB)
7) Index Size (MB)
8) Total Size (MB)
Forwarder
1) Group ID
2) Version

ACS Health Monitoring

The Audit Collection Admin provides extended health monitoring of the ACS Collector and Audit Database.

ACS Health Model

Health Monitoring Rules
1) ACS hotfix 949969 not installed
2) ACS Query set to Default
3) Active Partitions Greater than 1
4) DB Queue Backoff Threshold Exceeded
5) DB Queue Disconnect Threshold Exceeded
6) Partition Count Greater than X (default 15)
7) SQL SP2 not installed
8) SQL SSIS not installed or running (SVT specific)

ACS Performance

The Audit Collection Admin provides performance monitoring and trending of all ACS Collector and Forwarder performance counters.

Collector Performance View

Collector
1) Connected Clients
2) Database Queue % Full
3) Database Queue Length
4) DB Loader Events Inserts/Sec
5) DB Loader Principal Inserts/Sec
6) DB Loader Strings Inserts/Sec
7) DB Principal Cache Hit %
8) DB Requests Queue Length
9) DB String Cache Hit %
10) Event time in collector
11) Incoming Events/Sec
12) Interface Audit Insertions/Sec
13) Interface Queue Length
14) Registered Queries
Forwarder
1) Average Event Rate
2) Average Time to Collector
3) Connect Time
4) Current Event Rate
5) Disconnect Time
6) Last Action
7) Total Transmitted Events
8) Total Size of Transmitted Events
9) Recieved Packet Count
10) Recieved Packet Size
11) Seconds Since Last Connection

Frequently Asked Questions

How is the Admin solution licensed?

The Audit Collection Admin is licensed per ACS Collector.

The solution is included with the 'Security Auditing' package and can also be bought separately.

Existing Customers: Included with SA coverage for 'Security Auditing' and 'Security Compliance'.

If you have any questions, comments, need support or would like to place an order please contact us for assistance.

News & Events

Press Release 08/04/2009: Secure Vantage Releases Security Auditing SP2 for the Audit Collection Services (ACS)

Online Webcasts 06/08/2009: Download the ACS Master Class Series for free real world expert training on the Audit Collection Services.

Read more