Hi Folks,

Need your help !

Want to configure a centralized Audit server (Currently the centralized server is running Octopussy Web interface,  which receives logs from remote hosts by Rsyslog ).

The challenge and confusion here is .. all my linux clients are configured with syslog-ng and the daemon is sending all the system logs and kernel logs like messages,secure,cron logs etc ... with out any trouble.

The problem is the syslog-ng daemon is not able to send the auidtd logs (/var/log/audit.log) to the Rsyslog server,

Hence request your help to guide me how to setup the syslog-ng to forward the audit.log to the remote Rsyslog server.

It would be great if i can get client side and server side configuration guidelines.

--

Thanks in Advance
- Koresh