[syslog-ng] Query On configuring Centralized Audit server with Auditd daemon
Balazs Scheidler
bazsi77 at gmail.com
Tue Aug 7 07:35:33 CEST 2012
Hi,
you probably need to tell auditd to log to syslog on the client hosts.
----- Original message -----
> Hi Folks,
>
> Need your help !
>
> Want to configure a centralized Audit server (Currently the centralized
> server is running Octopussy Web interface, which receives logs from
> remote hosts by Rsyslog ).
>
> The challenge and confusion here is .. all my linux clients are
> configured with syslog-ng and the daemon is sending all the system logs
> and kernel logs like messages,secure,cron logs etc ... with out any
> trouble.
>
> The problem is the syslog-ng daemon is not able to send the auidtd logs
> (/var/log/audit.log) to the Rsyslog server,
>
> Hence request your help to guide me how to setup the syslog-ng to forward
> the audit.log to the remote Rsyslog server.
>
> It would be great if i can get client side and server side configuration
> guidelines.
>
> --
> Thanks in Advance
> - Koresh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20120807/d677662d/attachment.htm
More information about the syslog-ng
mailing list