Kensington Technology Associates presents this version 0.2 update to our addWindowsSources tool. addWindowsSources solves the problem whereby Administrators of SA are unable to automatically onboard Windows Log Event Sources into a SA Log Collector after they have been added to a Windows domain. Even though SA does provide the ability, out-of-the-box, to bulk add Windows event sources from a CSV file, it must be done manually by an Adminstrator, from the web UI. This tool now scripts this manual process, and it can be easily scheduled to run automatically by an Administrator (e.g. by using 'cron'), thus automatically adding any new hosts to SA which have been added to your Windows domain.
- Added command line option --delete to effect removal of existing event sources within the selected Event Category which are not contained in the CSV, effectively treating the CSV as authoritative for the Event Category.
- The tool no longer attempts to re-add event sources which are already defined in the selected Event Category. This should dramatically speed up subsequent runs of the script for AD domains with a large number of computers, in synchronous mode.
- It can pull your CSV from an HTTP/HTTPS URL, so you can dump your CSV to a secure web server
- Removes event sources from your Log Collector which have been removed from your domain.
- Easy to run on a schedule
- Runs on any SA 10.6 or 10.5 host (in synchronous mode)
- Runs on any non-SA host running Python 2.6 or 2.7