Import process runs in the GatheringEngine.exe executable; a separate instance of GatheringEngine.exe is created for each import job. The process extracts data from the repository files, applying the appropriate filters, and stores the data in the audit database: GatheringEngine.exe opens a connection to the specified audit database, and imports the data using the BULK INSERT statement. Up to 4000 events are imported per transaction.
Consolidation runs in the GatheringEngine.exe executable; a separate instance of GatheringEngine.exe is created for each consolidation job.
Consolidation process checks that the source repository actually contains the appropriate data for the data source(s) defined in the consolidation policy, and for the timeframe specified in the consolidation job.
You can consolidate audit data from a repository that is located on an InTrust server behind a firewall. To do it, first find out the repository path on the InTrust server behind the firewall and the password of the InTrust organization behind the firewall. Then take the following steps:
The indexes of InTrust repositories are created and maintained by the IndexingTool.exe utility, which resides in the InTrust\Server subfolder of the InTrust installation folder on the InTrust server and on Windows computers with the InTrust agent installed. This utility is designed to be launched automatically by InTrust Server or agent, not manually. However, manual operation is also supported for situations described in Repository Indexing for Advanced Search Capabilities.
Depending on the configuration of the repository, the indexing workload can be managed in one of the following ways:
The workload distribution is managed by the RemoteIndexLauncher.exe utility on the InTrust server. This utility handles both server-side and distributed indexing. The utility cannot be launched manually.
In addition to repository properties, indexing is configured by the following organization parameters:
Organization Parameter | Meaning |
---|---|
IDX_IndexAccessCheckMode |
Specifies how to check index security configuration. The values are as follows:
The default value is 0. |
IDX_IndexingThreadCount |
Sets how many threads indexing will use. The values are as follows:
Values less that -1 will cause errors. The default value is -1. |
For more information, see Repository Indexing for Advanced Search Capabilities.
© ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center