IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

What's New in WinCollect 7.3.0

By Sophia Sampath posted Mon August 10, 2020 06:51 PM

  

Overview

WinCollect is a Syslog event forwarder that administrators can use to forward events from Windows logs to QRadar. WinCollect can collect events from systems locally or be configured to remotely poll other Windows systems for events.

 

In WinCollect 7.3.0, you can add a secondary destination to receive events from Stand-alone WinCollect agents. In the event of a disaster, when your primary site is not available, to ensure no data loss, you can redirect incoming data to an active site, in this case, a secondary destination.

Configuring a Secondary Destination for Stand-alone WinCollect Agents

 

Within the WinCollect Configuration Console -> Destinations, you can select the desired destination name, and you will see a new field called "Secondary Hostname / IP" where you can specify the destination you would like to use, and you will also see a "Failover timeout (seconds)" field that is set to a default of 30 minutes.

 

 

References

Visit WinCollect 101 for more information on Getting Started with WinCollect and see the WinCollect Release Notes for a list of resolved issues within this release.

0 comments
40 views

Permalink

https://community.ibm.com/community/user/blogs/sophia-sampath1/2020/08/10/whats-new-in-wincollect-730