Configuring AIX Syslog
AIX servers automatically generate events that are stored in the syslog. You can use the stored security audit events to audit the AIX/UNIX server using the Event Manager “out-of-the-box” security template.
To audit AIX Syslog records you need to modify the hosts file and the syslog configuration file.
- Set the IP address of the server running Event Manager Monitoring Node in the hosts file. The hosts file is located at /etc/hosts. Add the following entry to the hosts file:
- Refresh the syslog daemon using the following commands:
Once you have completed this step, all syslog records are sent to the IP address defined in step 1 of this process. The machine serverhelpsystems, where Event Manager is installed, is running the “out-of-the-box” security template from which the syslog retrieves AIX information and stores it in the Event Manager database.
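To confirm the two edited files agree before relying on the forwarded events, the following added example (not part of the original page or the vendor's tooling) checks that syslog.conf contains a forwarding rule and that each forwarding target has a hosts entry. It assumes the classic syslogd forwarding syntax `<selector> @<host>`; the function names, the 192.0.2.10 address and the `*.debug` selector are constructed for illustration.

```shell
#!/bin/sh
# Added example (not vendor code). Assumes classic syslogd forwarding
# syntax in syslog.conf: "<selector> @<host>", destination in field 2.

# Print each forwarding target (text after '@') found in a syslog.conf.
forward_targets() {
    awk '
        /^[ \t]*#/ || NF < 2 { next }        # skip comments and blank lines
        $2 ~ /^@/ { sub(/^@/, "", $2); print $2 }
    ' "$1" | sort -u
}

# Succeed if name $2 is a hostname or alias in hosts file $1.
in_hosts() {
    awk -v h="$2" '
        { sub(/#.*/, "") }                    # strip trailing comments
        { for (i = 2; i <= NF; i++) if ($i == h) found = 1 }
        END { exit !found }
    ' "$1"
}

# check_forwarding HOSTS SYSLOG_CONF
# Returns 0 when a forwarding rule exists and every named target is an
# IPv4 literal or has an entry in the hosts file.
check_forwarding() {
    hosts=$1; conf=$2; rc=0
    targets=$(forward_targets "$conf")
    [ -n "$targets" ] || { echo "no forwarding rule in $conf"; return 1; }
    for t in $targets; do
        case $t in
            *[!0-9.]*) in_hosts "$hosts" "$t" || { echo "no hosts entry: $t"; rc=1; } ;;
        esac
    done
    return $rc
}

# Constructed sample: 192.0.2.10 and the *.debug selector are placeholders,
# only the host name serverhelpsystems comes from the page.
demo() {
    d=$(mktemp -d) || return 1
    printf '192.0.2.10\tserverhelpsystems\n' > "$d/hosts"
    printf '*.debug\t@serverhelpsystems\n' > "$d/syslog.conf"
    check_forwarding "$d/hosts" "$d/syslog.conf" && echo "forwarding OK"
    rc=$?; rm -rf "$d"; return $rc
}

if [ "$#" -eq 2 ]; then check_forwarding "$1" "$2"; else demo; fi
```

Run it with the paths of the hosts file and the syslog configuration file as its two arguments; with no arguments it runs against the constructed sample.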