Sentinel: Connection Type: File all

  • Document ID:3476458
  • Creation Date:06-Dec-2006
  • Modified Date:26-Apr-2012
    • Micro Focus Products:
      Sentinel

Environment

Windows 2000 sp4; 2003 sp1
Solaris 9
Redhat Linux ES 3
Sentinel 5.1.x

Situation

What is the difference between file all and file new connection types?

Resolution

File New Connection Type

The File New connection type is used to read only security event data that isadded to a file after the script has started. File New opens this file and reads fromthe end of the file. You must specify in the Rx/Tx Value box the path to the logfile.

For more information about configuring agent with this connection type, see theagent documentation (such as agent Solaris Syslog) located in%workbench_home%\elements\\docs

File All Connection Type

The File All connection type is used to read all the security event data in a file. If you select File New or File All, you can enter either inputfile or outputfile for theRx/Tx Value. The format is as follows:

inputfile, outputfile
or
inputfile
or
outputfile

If you select File New or File All and the file shrinks, the file is read from thebeginning.