SideWinder G2- Syslog Support
| Homepage |
http://www.securecomputing.com/ |
| Specifics |
-
Console into your Sidewinder and make sure that you have "sroled" your login.
This has been tested and working on SideWinder G2 6.1.1.01, but it most likely will work if you find these same files in earlier versions.
-
Edit This file:
/etc/sidewinder/auditd.conf
Find this section:
begin_rules
log(logfile filters[] type)
syslog(facility filters[] format)
ipaddr_resolution(src_addr dst_addr)
time_format(zone)
end_rules
-
*****ADD THIS LINE HERE ****
syslog(local0 filters["NULL"] sef)
Save the file.
-
Edit this file
/etc/syslog.conf
Add this line at the end:
local0.* @yourloghosthere.
-
Save the File and restart the syslog and auditd processes, by issuing these commands:
kill -HUP syslogpid
replace syslogpid with the pid of the syslog server.
Hint: Use - ps -axd | grep syslog (to find the pid)
cf server restart auditd
|
Credits to Scott Swenka for providing this information.
Still problems enabling syslog? Find the solution in our
forum or post a question there!
Syslog messages generated by these products can be received
by MonitorWare Agent and
WinSyslog.
All information in this section is to the best of our knowledge but without warrenty of
any kind. This is free information - use it at your sole risk.
[Back to Syslog Enabled
Products]
|
