Unsolved
This post is more than 5 years old
5 Practitioner
•
274.2K Posts
0
3224
How to get events from CEE
Is there any way (http GET url, File read or Database read) through which I can get to know the details about the events which CEE has received from Isilon Cluster.
sjones51
252 Posts
0
November 1st, 2016 08:00
Hi kshiv,
Have you looked through the File System Auditing with EMC Isilon, EMC Common Event Enabler, and Varonis Best Practices Guide?
https://support.emc.com/docu50353
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 1st, 2016 12:00
Did you install CEE on windows or a Linux server? If on windows, you can install and run DebugView to see which events are coming in from the Isilon.
shivk
2 Posts
0
November 1st, 2016 21:00
I have installed CEE on Windows.
Actually I wanted to get the event programmatically. For example some REST API to GET the events received by CEE or some file location where I can read it programmatically.
shivk
2 Posts
0
November 1st, 2016 21:00
Yes, I had gone through the best practice guide. But I wanted to extract events programmatically.
scott_owens
60 Posts
1
November 2nd, 2016 18:00
CEE is simply forwarding the events onto defined endpoints (Varonis, etc..), so you couldn't retrieve the messages from CEE, as they aren't stored on the CEE server.
You could setup syslog forwarding of the auditing events and grab the events from a syslog server.