Q: What is InfoCollector?
A. InfoCollector is an information collection tool, bundled with IntruShield Manager, that allows you to easily provide McAfee with IntruShield-related log information. McAfee can use this information to investigate and diagnose issues you may be experiencing with the IntruShield Manager.

Q. What information can InfoCollector collect?
A: InfoCollector can collect information from the following sources within the IntruShield system:

    * Emslog Files: configurable logs containing information from various components of the IntruShield Manager. The current ems.log file is renamed when its size reaches 1MB, using the current timestamp. Another ems.log is created to collect the latest log information.
    * Configuration backup: a collection of database information containing all IntruShield configuration information.
    * Configuration files: XML and property files within the IntruShield config directory 
    * Faultogs: a table in the IntruShield database that contains generated fault log messages.
    * Sensor Trace: a file containing various sensor-related log files.
    * Compiled Signature (output.bin): a file containing signature information and policy configuration for a given sensor.

Q: Who can use InfoCollector?
A: InfoCollector is a tool that can be used both by you and by McAfee:

    * McAfee systems engineers can use the InfoCollector tool to provide you with a definition(.def)  file via email. This file is configured by McAfee to automatically choose needed information from your IntruShield installation. You simply open the definition file within the InfoCollector and the needed checkboxes are automatically selected.
    * Alternatively, McAfee may ask you to select checkboxes that correspond to different sets of information available within IntruShield.

Q: How do I install and run InfoCollector?
A: Follow these steps to install and run InfoCollector:

   1. Download the InfoCollector.zip file from the McAfee website and uncompress it to the following location:
      C:\[INTRUSHIELD_INSTALL_DIR]\diag
      Files related to InfoCollector should be in the following location:
      C:\[INTRUSHIELD_INSTALL_DIR]\diag\InfoCollector

   2. Run the following batch file:
      C:\[INTRUSHIELD_INSTALL_DIR]\diag\InfoCollector\infocollector.bat

Q: How do I use InfoCollector?
A: Follow these steps to use InfoCollector:

   1. After you run InfoCollector, do one of the following:
      If McAfee provides you with a definition file:
         1. After you run InfoCollector, open the File menu and click Open.
         2. Select the definition file that McAfee sent you via email and click Open.   

    If McAfee instructs you to select InfoCollector checkboxes:
        a. After you run InfoCollector, select checkboxes (explained aboved) as instructed by McAfee.

   2. Click the Browse button and select the path and filename of the output ZIP file.
   3. Click the Run button.
   4. Provide the output ZIP file to McAfee.