KBI 311732 New Feature: Save Selected Windows Events Into Database For Reporting
Version
Argent Advanced Technology 5.1A-1901-A or above
Date
Thursday, 31 January 2019
Summary
Argent for Compliance parses a subset of Windows Events for Compliance reports
In order to do reports on Events that are not included, they have to be saved as RAW data into SQL table ARGSOFT_COMPLIANCE_LOG_ARCHIVE
However, there was no efficient way to do so
Whether to save RAW data into SQL table is controlled by node level property
When it is turned on by selecting option ‘SQL Database’ or ‘Both SQL and File System Data’, any security log entries would be saved in database, which can adversely affect SQL DB space usage
Argent Advanced Technology 5.1A-1901-A has been enhanced to allow Rule level option to control the behavior
As a result, user can selectively save events specified in the Rule filter into SQL database
Technical Background
N/A
Resolution
Upgrade to Argent Advanced Technology 5.1A-1901-A or above