Overview of ACS Support for Cross Platform Operating Systems

Applies to: Operations Manager 2007 R2

ACS support for Windows-based operating systems is natively available in Operations Manager 2007 R2. For a detailed explanation of Windows-based ACS, see About Audit Collection Services (ACS) in Operations Manager 2007 (https://go.microsoft.com/fwlink/?Linkid=155928).

ACS support for cross-platform operating systems takes advantage of the existing ACS architecture.

The following components are part of the Operations Manager 2007 R2 ACS functionality:

| Component | Description |
| --- | --- |
| ACS Forwarder | The ACS Forwarder sends all audit data from the local Security Event log to the ACS Collector. |
| ACS Collector | The ACS Collector receives and processes audit data and then sends this data to the ACS database. |
| ACS Database | The ACS database is the central repository for events that are generated by an audit policy within an ACS deployment. |
| Windows Security Event Log | The Windows Security Event log is the storage location for all audit data before the ACS Collector transfers the event to the ACS database. |

The following components are part of Operations Manager 2007 R2 Cross Platform functionality.

| Component | Description |
| --- | --- |
| Cross Platform Agent Log File Provider | The agent resides on each UNIX-based or Linux-based computer that is being managed. It is deployed as part of the initial configuration of cross-platform management. |
| Cross Platform Log File Data Source Module | The Cross Platform Log File Data Source module resides on Operations Manager management servers. It handles all audit data reported by each Cross Platform Agent Log File provider within a managed system. |

The following components are new as part of Operations Manager 2007 R2 ACS functionality:

| Component | Description |
| --- | --- |
| ACS Management Packs | The ACS management packs provide the definitions of the audit data to be monitored. |
| Cross Platform Parsing and Security Event Log Write Action Module | The Cross Platform Parsing and Security Event Log Write Action module parses the audit data from each managed UNIX-based and Linux-based computer and writes the information to the Windows Security Event log. |
| ACS Event Schema with UNIX Extensions | The ACS Collector schema is extended to support the additional content and formatting of audit data sent by UNIX-based and Linux-based computers. |

High-Level Description of the ACS Architecture

Windows-based computers are configured for audit collection. The ACS Forwarder moves the audit data to the Windows Security Event log (WSEL). The ACS Collector then collects the audit data and copies it into the ACS database.

In Cross Platform ACS, the ACS management packs and the Cross Platform Log File Data Source module write the event data into the WSEL. The ACS Collector, now extended with the ACS event schema, collects the audit data and copies the information into the ACS database.