Highlighted
kshiv
1 Copper

How to get events from CEE

Is there any way (http GET url, File read or Database read) through which I can get to know the details about the events which CEE has received from Isilon Cluster.

Labels (1)
0 Kudos
5 Replies
sjones51
2 Iron

Re: How to get events from CEE

Hi kshiv,

Have you looked through the File System Auditing with EMC Isilon, EMC Common Event Enabler, and Varonis Best Practices Guide?

https://support.emc.com/docu50353

0 Kudos
jvo1
1 Copper

Re: How to get events from CEE

Did you install CEE on windows or a Linux server? If on windows, you can install and run DebugView to see which events are coming in from the Isilon.

0 Kudos
shivk
1 Copper

Re: How to get events from CEE

I have installed CEE on Windows.

Actually I wanted to get the event programmatically. For example some REST API to GET the events received by CEE or some file location where I can read it programmatically.

0 Kudos
shivk
1 Copper

Re: How to get events from CEE

Yes, I had gone through the best practice guide. But I wanted to extract events programmatically.

0 Kudos
scott_owens
1 Nickel

Re: How to get events from CEE

CEE is simply forwarding the events onto defined endpoints (Varonis, etc..), so you couldn't retrieve the messages from CEE, as they aren't stored on the CEE server.

You could setup syslog forwarding of the auditing events and grab the events from a syslog server.