Linux Audit
Overview
The Linux Security collection technology in Event Manager works with GNU/Linux based operating systems, retrieving logical security events for almost every distribution.
SSH-based Event Manager collectors retrieve security events over Secure Shell connections to each host, which provides an encrypted connection and avoids possible loss of data.
Syslog collectors perform the same function as the SSH-based collectors but require the host's syslog output to be forwarded to the collection nodes.
The main features of this collection technology with Event Manager are:
- Only one datasource needed for each server
- Automatic parsing of audit events
System Prerequisites
The Linux collection technology in Event Manager relies on the Linux Audit daemon (the Linux audit module). Before using the Event Manager collectors, you must ensure that your Linux host is configured correctly and meets the minimum requirements.
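The "automatic parsing of audit events" listed above and the dependency on the Linux Audit daemon both come down to the record format that auditd writes (type=..., msg=audit(timestamp:serial):, then key=value pairs, with several records sharing one serial forming a single event). The following Python parser is an added example, not Event Manager's own code: it splits each record into its type, timestamp, serial and fields, groups records into events by serial, decodes hex-encoded PROCTITLE values, and flags denied (success=no) accesses to paths tagged with an audit rule key. The sample records are constructed to resemble /var/log/audit/audit.log output; the rule key "sshd_config" and the uid/pid values are assumptions.

```python
"""Parse Linux Audit (auditd) records and group them into events.

Added example for this page; not part of Event Manager. The records in
SAMPLE_LINES are constructed to look like /var/log/audit/audit.log output.
"""
import re
from collections import defaultdict

# Constructed sample: one denied read of sshd_config (event 4242, four records)
# and one successful SSH login (event 4243, a user-space record with a nested msg='...').
SAMPLE_LINES = [
    'type=SYSCALL msg=audit(1700000000.123:4242): arch=c000003e syscall=257 success=no exit=-13 '
    'a0=ffffff9c a1=7ffd1234 a2=0 a3=0 items=1 ppid=1500 pid=1501 auid=1000 uid=1000 gid=1000 '
    'euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=3 '
    'comm="cat" exe="/usr/bin/cat" key="sshd_config"',
    'type=CWD msg=audit(1700000000.123:4242): cwd="/home/alice"',
    'type=PATH msg=audit(1700000000.123:4242): item=0 name="/etc/ssh/sshd_config" inode=1234 '
    'dev=fd:00 mode=0100600 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL',
    'type=PROCTITLE msg=audit(1700000000.123:4242): '
    'proctitle=636174002F6574632F7373682F737368645F636F6E666967',
    "type=USER_LOGIN msg=audit(1700000050.500:4243): pid=2000 uid=0 auid=1000 ses=4 "
    "msg='op=login id=1000 exe=\"/usr/sbin/sshd\" hostname=192.0.2.10 addr=192.0.2.10 "
    "terminal=/dev/pts/1 res=success'",
]

# Every audit record starts with: type=<TYPE> msg=audit(<epoch>.<millis>:<serial>):
_HEADER = re.compile(
    r"^type=(?P<type>\S+) msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\):\s*(?P<body>.*)$"
)
# key=value pairs; values are either double-quoted or a bare run of non-space characters
_KV = re.compile(r'(\w+)=("([^"]*)"|\S+)')
# User-space records wrap their detail in msg='...'; we flatten that into the same field dict
_NESTED_MSG = re.compile(r"msg='(.*)'$")


def parse_record(line):
    """Return {type, timestamp, serial, fields} for one audit record, or None if malformed."""
    m = _HEADER.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    nested = _NESTED_MSG.search(body)
    if nested:
        body = body[: nested.start()] + nested.group(1)
    fields = {}
    for key, raw, quoted in _KV.findall(body):
        fields[key] = quoted if raw.startswith('"') else raw
    return {
        "type": m.group("type"),
        "timestamp": float(m.group("ts")),
        "serial": int(m.group("serial")),
        "fields": fields,
    }


def decode_proctitle(value):
    """auditd hex-encodes proctitle when it contains spaces/NULs; decode it, else return as-is."""
    if value is None:
        return None
    try:
        raw = bytes.fromhex(value)
    except ValueError:
        return value  # plain (quoted) proctitle, quotes already stripped by the parser
    return raw.replace(b"\x00", b" ").decode("utf-8", "replace").strip()


def group_events(lines):
    """Group records by serial: all records of one event share the same msg=audit(ts:serial)."""
    events = defaultdict(list)
    for line in lines:
        rec = parse_record(line)
        if rec is not None:
            events[rec["serial"]].append(rec)
    return dict(events)


def denied_access_events(lines):
    """Flag events whose SYSCALL failed (success=no) and hit a rule key; join in PATH/PROCTITLE."""
    findings = []
    for serial, records in sorted(group_events(lines).items()):
        by_type = {r["type"]: r["fields"] for r in records}
        sc = by_type.get("SYSCALL")
        if not sc or sc.get("success") != "no" or "key" not in sc:
            continue
        paths = [r["fields"].get("name") for r in records if r["type"] == "PATH"]
        findings.append({
            "serial": serial,
            "uid": sc.get("uid"),
            "exe": sc.get("exe"),
            "exit": sc.get("exit"),  # -13 is EACCES
            "key": sc["key"],
            "path": paths[0] if paths else None,
            "proctitle": decode_proctitle(by_type.get("PROCTITLE", {}).get("proctitle")),
        })
    return findings


if __name__ == "__main__":
    for f in denied_access_events(SAMPLE_LINES):
        print(f"event {f['serial']}: uid={f['uid']} {f['proctitle']!r} denied on {f['path']} (key={f['key']})")
```

Grouping by serial matters because the SYSCALL record alone does not say which file was touched; the PATH record in the same event does, and PROCTITLE gives the full command line, which is why a collector that only forwards individual lines loses context that the parser above restores.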