Hi. This demo will take you through the steps that are needed to start collecting Microsoft IIS logs. And the nice thing is that most types of logs are collected in more or less the same way. So we hope this video helps you learn your way around InTrust gathering in general.
Your InTrust distribution has everything you need to set up IIS log gathering. But the necessary components are probably not installed. To add them to your deployment, run the InTrust setup suite on your InTrust trust server.
The components that provide support for particular kinds of logs are organized into knowledge packs. In this case, select the Microsoft IIS knowledge pack.
Let's see what's new in InTrust after the installation. Start InTrust Manager. Here are the data sources responsible for IIS logs. These are the gathering policies that make sure the data sources are used for gathering.
These all the matching import policies that control transfer of data to audit databases, in case you need SSRS reports. And these are InTrust task [? stubs ?] that schedule the actual gathering.
Most of the newly added stuff is fully configured. It just needs a few finishing touches to get the process started. Some things about your environment can't be known in advance, so you need to specify them.
One such thing as the set of computers to gather from. This set is wrapped into an InTrust object called a site. We're going to use the pre-define dedicated site from the knowledge pack, and include in it the servers we need.
For this demo, let's just specify one server. You can see it really is an IIS server, because the side filter let it through. We're actually done with the configuration. All that's left is to save it. You do that by clicking the Commit button.
Remember to Commit your changes if you want them to take effect. Let's run one of the tasks on the spot to see if everything's OK. We can see that it's working. So we can safely schedule the task.
Again, remember to Commit the changes. If you don't, InTrust will remind you. This, in a nutshell, is how you set up auditing in InTrust Manager.
Thanks for watching.
03:11