
How to pull security event logs in CA database

Hi All,

How can we pull the Windows security logs into the Change Auditor database?

Thanks & Regards,

Prasad

  • I don't think CA collects the native Windows event log.
    Quest provides two products: CA and InTrust.
    1. CA generates its own log for each platform or type (AD, Exchange, Windows OS, SQL, Logons)
    2. InTrust collects "untampered" native logs generated by the platform (Windows Event Log, etc.) and stores them in \\Repository in a zipped, encrypted format for a long time (even if the DC Security Log is 95% junk events)
    CA and InTrust complement each other.
    In general, a customer might start an audit solution with CA as a "quick win" and later explore the audit needs and discover that InTrust is needed.
  • Thank you for the reply. We have an SDK in CA; can we do it from that?

    Regards,
  • The CA SDK has been deprecated as of version 6.9 and I'm not sure how well supported it was to begin with. My recollection was that it was mainly intended as a way to pull data OUT of the CA database rather than putting data in. Furthermore, even if you do go down this path, you would still want to be VERY careful about what data you inject into the database as 95% of the events recorded into the native Windows Event Log are "noise" and are of little to no value. As Aidar noted, the InTrust product is built to work out-of-the-box with native Windows and other types of events. In its current form, it is very easy to get up and running (very comparable to CA) so you might want to trial it rather than throwing time at developing a way to pollute your CA database.