AUDISP-REMOTE:(8) System Administration Utilities AUDISP-REMOTE:(8)NAME
audisp-remote - plugin for remote logging
SYNOPSIS
audisp-remote
DESCRIPTION
audisp-remote is a plugin for the audit event dispatcher daemon, audispd, that preforms remote logging to an aggregate logging server.
TIPS
If you are aggregating multiple machines, you should enable node information in the audit event stream. You can do this in one of two
places. If you want computer node names written to disk as well as sent in the realtime event stream, edit the name_format option in
/etc/audit/auditd.conf. If you only want the node names in the realtime event stream, then edit the name_format option in /etc/audisp/aud-
ispd.conf. Do not enable both as it will put 2 node fields in the event stream.
FILES
/etc/audisp/plugins.d/au-remote.conf, /etc/audit/auditd.conf, /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf
SEE ALSO audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).
AUTHOR
Steve Grubb
Red Hat Mar 2008 AUDISP-REMOTE:(8)
Check Out this Related Man Page
AUDISP-REMOTE:(8) System Administration Utilities AUDISP-REMOTE:(8)NAME
audisp-remote - plugin for remote logging
SYNOPSIS
audisp-remote
DESCRIPTION
audisp-remote is a plugin for the audit event dispatcher daemon, audispd, that preforms remote logging to an aggregate logging server.
TIPS
If you are aggregating multiple machines, you should enable node information in the audit event stream. You can do this in one of two
places. If you want computer node names written to disk as well as sent in the realtime event stream, edit the name_format option in
/etc/audit/auditd.conf. If you only want the node names in the realtime event stream, then edit the name_format option in /etc/audisp/aud-
ispd.conf. Do not enable both as it will put 2 node fields in the event stream.
FILES
/etc/audisp/plugins.d/au-remote.conf, /etc/audit/auditd.conf, /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf
SEE ALSO audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).
AUTHOR
Steve Grubb
Red Hat Mar 2008 AUDISP-REMOTE:(8)
Hi All,
My requirement is to get all the files with extension *.txt in a particular path in unix from a remote server using FASTCOPY.
Let us suppose i am in local server , i need to go to REMOTE server using FASTCOPY and get the names of all the files in remote server with *.txt from a... (0 Replies)
Hi,
I'm automatically FTPing few files daily as a cron job to a remote server.
I wanted to know if there is a way to log the successful transfer in a log on the remote server?
The log on the remote server should look something like this.
10/30/2006 00:00:02 - File 1 transferred... (0 Replies)
Hi,
The file format is like the following.
timestamp=2008-02-28-23.50.29.550675;category=CONTEXT;audit event=CONNECT;
event correlator=2;
database=CURDOMS;userid=inst3;authid=INST3;
origin node=0;coordinator node=0;
application id=AC122081.FA97.054468155029;application... (2 Replies)
Hi all please give me the solution for this im stuck somewhere.
I have two files A and B
file A has 300 records as
000.aud
111.aud
.
.
.
300.aud
file B has 213 records randomly
005.aud
176.aud
.
.
.
200.aud
I want to match similar 213 records in file B from file A. (2 Replies)
Hi
I am trying to edit a text file on a remote server using sed from within a cygwin shell on a windows system.
$ sed -i "s/aaa/bbb/g" \\remoteHost\c$\log.info
sed: can't read \remoteHostc$log.info: No such file or directory
What am I missing ?
Thanks. (7 Replies)
Hello,
I am trying to write log from sco box to a remote host.
We already have that setting working for linux server using syslog.
With this setting(on LINUX)
*.* @remote-host for sco I have this
*.debug /usr/adm/syslog
*.* ... (3 Replies)
Hello All,
I want to replace a value of a string in a file on all the remote systems. The file is /opt/adapter/Adapter/snmp/conf/snmpd.conf and the parameter to be replaces if "rocommunity" for which current value is "public" and wish to change it to "sp1der".
i did trying it through sed, but... (4 Replies)
Dear members, The following expect script connects to remote node and check for the file "authorized_keys" in directory /root/.ssh in remote node. However the result is always found even if the file exist or doesn't exist.
expect {
"$fname" {
send_user "found\n"
}
Any idea what is... (4 Replies)
When unlocking a Linux server's console there's no event indicating successful logging
Is there a way I can fix this ?
I have the following in my rsyslog.conf
auth.info /var/log/secure
authpriv.info /var/log/secure (1 Reply)
Hello all,
Newbie here.
I'm currently tasked with updating rsyslog.conf and auditd.conf on a large set of servers. I know the exact logging configurations that I want to enable. I have updated both files on on a server and hope to use the updated files as a template for the rest of the... (3 Replies)