Integrating Solaris BSM audit with syslog-ng
Hi,

I am trying to set up a unified logging environment for Solaris, HP-UX and Windows NT/2000 servers. The centralized logging and reporting server will run syslog-ng and accept syslog messages (with an agent converter for NT/2000) from all the servers on the network. I will then use swatch to report against these logs, both near real-time for critical events and daily reports for events which must be monitored but are not considered critical.

All Solaris boxes will be configured to use the Basic Security Module and audit against events such as successful/failed logins, su and so on. Given that the auditd writes its files in binary and a tool such as praudit must be used to report against them, I was wondering if anyone knew of a way of integrating this into syslog-ng, maybe by using local0-7, or if there is a package out there that does this?

We live in hope ...

Regards
Olivia
participants (1)
- Olivia Leonard