SideWinder G2 - Syslog Support

Homepage http://www.securecomputing.com/
Specifics
  • Console into your Sidewinder and make sure that you have "sroled" your login.
    This has been tested and is working on SideWinder G2 6.1.1.01; it will most likely also work on earlier versions if you find these same files there.


  • Edit this file:
    /etc/sidewinder/auditd.conf

    Find this section:

    begin_rules
    log(logfile filters[] type)
    syslog(facility filters[] format)
    ipaddr_resolution(src_addr dst_addr)
    time_format(zone)
    end_rules


  • Add this line here:
    syslog(local0 filters["NULL"] sef)

    Save the file.


  • Edit this file:
    /etc/syslog.conf

    Add this line at the end:
    local0.* @yourloghosthere

    Replace yourloghosthere with the name or address of your log host.


  • Save the file and restart the syslog and auditd processes by issuing these commands:

    kill -HUP syslogpid

    Replace syslogpid with the pid of the syslog server.
    Hint: use "ps -axd | grep syslog" to find the pid.

    cf server restart auditd
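
A quick way to confirm that the two edits above line up, that is, that the facility named in the auditd.conf rule is actually forwarded to a remote host by syslog.conf. This is an added example, not part of the original instructions or vendor tooling; the function names and the sample log host loghost.example are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not vendor tooling: verifies the two edits described above.

# Print the facility of the first active syslog(...) audit rule, e.g. "local0".
# Assumption: only local0..local7 are accepted, so the syntax template line
# "syslog(facility filters[] format)" and commented-out rules never match.
audit_facility() {
    sed -n 's/^[[:space:]]*syslog(\(local[0-7]\)[[:space:]].*).*$/\1/p' "$1" |
        head -n 1
}

# Print the remote host (@host action) that syslog.conf forwards facility $2 to.
# Simple check, not a full syslog.conf parser: skips comment lines and
# "facility.none" selectors, understands "a.x;b.y", "a,b.x" and "*".
forward_host() {
    awk -v fac="$2" '
        /^[[:space:]]*#/ { next }
        NF >= 2 && $NF ~ /^@/ {
            n = split($1, sel, ";")
            for (i = 1; i <= n; i++) {
                split(sel[i], part, "[.]")
                if (part[2] == "none") continue
                m = split(part[1], f, ",")
                for (j = 1; j <= m; j++)
                    if (f[j] == fac || f[j] == "*") { print substr($NF, 2); exit }
            }
        }' "$1"
}

# Return 0 and print "facility -> host" only when both halves line up.
check_sidewinder_syslog() {
    fac=$(audit_facility "$1")
    [ -n "$fac" ] || { echo "no syslog(localN ...) rule in $1" >&2; return 1; }
    host=$(forward_host "$2" "$fac")
    [ -n "$host" ] || { echo "$fac not forwarded to a remote host in $2" >&2; return 2; }
    echo "$fac -> $host"
}

# Constructed sample files (on the firewall, pass the real paths instead).
tmp=$(mktemp -d)
printf 'syslog(facility filters[] format)\nsyslog(local0 filters["NULL"] sef)\n' > "$tmp/auditd.conf"
printf '# audit export\nlocal0.*\t@loghost.example\n' > "$tmp/syslog.conf"
check_sidewinder_syslog "$tmp/auditd.conf" "$tmp/syslog.conf"
rm -rf "$tmp"
```

On the firewall itself the call would be check_sidewinder_syslog /etc/sidewinder/auditd.conf /etc/syslog.conf; a non-zero return tells you which of the two files still needs the edit.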

Credits to Scott Swenka for providing this information.


Syslog messages generated by these products can be received by MonitorWare Agent and WinSyslog.

All information in this section is to the best of our knowledge but without warranty of any kind. This is free information - use it at your sole risk.
