Skip to Content
Information
Limited support BMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Command Center for Security 6.2.

Using correlation applications

This final section puts together various concepts discussed previously by explaining the practical application of the correlation elements introduced in Correlation-server-input-and-output and elaborated upon in Normalization-of-input-data through Thread-and-trigger-component.

BMC Defender Server has application within diverse business models. The program can operate as a security system, supporting regulatory compliance, but can also serve as an essential building block in a larger management strategy.

Information
Example

It is valid to use BMC Defender Server in such diverse roles as a simple syslog message aggregator, or as an SNMP trap collector, or as a message archiving system, or as an automation component in an incident management system. 

This section confines the discussion to BMC Defender Server's role as an enterprise correlation server. However, it is important to consider that this is only one of a multiplicity of possible application roles for BMC Defender Server.

This section also provides a further discussion of the various correlation components, specifically how to effectively use threads, alerts, actions, and tickets, to create a correlation strategy for an enterprise. As part of this discussion, this section suggests practical configuration policies for the system, as well as more theoretical discussions.

This section provides information about the following topics:

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI Command Center for Security 6.1