WinCollect Configuration Console overview
In stand-alone deployments, use the WinCollect Configuration Console to manage your WinCollect deployment. Use the WinCollect Configuration Console to add devices that you want WinCollect to collect agents from, and add the IBM® QRadar® destination where you want to send events.
- Install the WinCollect agent in stand-alone mode. For more information, see Installing the WinCollect agent on a Windows host.
- Install .net framework version 3.5
- Install Microsoft Management Console (MMC) 3.0 and later.
The following table describes the WinCollect Configuration Console.
| Sections | Description |
|---|---|
| Global Configuration | The Global Configuration parameter allows you to view, add and update information about the system where WinCollect data is stored. |
| Disk Manager - the path to the WinCollect Data, which is used to buffer events to
disk when the event rate exceeds the event throttle. Capacity is the maximum capacity allowed for the contents of the Data Folder. WinCollect does not write to this folder after the maximum capacity is reached. |
|
| Installation Information - displays information about the WinCollect agent
installation. Application Identifier - the header of the payload messages sent to the status server. Status Server - where the WinCollect Agent status events, such as heart beat messages and any warnings or errors generated by the WinCollect Agent, are sent. |
|
| Security Manager - centralized credentials, used to collect events from remote devices. | |
| Destinations | The Destinations parameter defines where WinCollect device data is sent. |
| Syslog TCP or Syslog UDP destinations include
the following
parameters: Name Hostname Port Throttle (events per second) You can expand a destination to view all devices that are assigned to the destination. |
|
| Devices | The Device parameter contains available device types. Under each device types, you can view or update multiple device parameters. |