AUDISP-REMOTE:(8) System Administration Utilities AUDISP-REMOTE:(8)NAME
audisp-remote - plugin for remote logging
SYNOPSIS
audisp-remote
DESCRIPTION
audisp-remote is a plugin for the audit event dispatcher daemon, audispd, that preforms remote logging to an aggregate logging server.
TIPS
If you are aggregating multiple machines, you should enable node information in the audit event stream. You can do this in one of two
places. If you want computer node names written to disk as well as sent in the realtime event stream, edit the name_format option in
/etc/audit/auditd.conf. If you only want the node names in the realtime event stream, then edit the name_format option in /etc/audisp/aud-
ispd.conf. Do not enable both as it will put 2 node fields in the event stream.
SIGNALS
SIGUSR1
Causes the audisp-remote program to write the value of some of its internal flags to syslog. The suspend flag tells whether or not
logging has been suspended. The transport_ok flag tells whether or not the connection to the remote server is healthy. The
queue_size tells how many records are enqueued to be sent to the remote server.
SIGUSR2
Causes the audisp-remote program to resume logging if it were suspended due to an error.
FILES
/etc/audisp/plugins.d/au-remote.conf, /etc/audit/auditd.conf, /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf
SEE ALSO audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).
AUTHOR
Steve Grubb
Red Hat Apr 2011 AUDISP-REMOTE:(8)
Check Out this Related Man Page
AUDISP-REMOTE:(8) System Administration Utilities AUDISP-REMOTE:(8)NAME
audisp-remote - plugin for remote logging
SYNOPSIS
audisp-remote
DESCRIPTION
audisp-remote is a plugin for the audit event dispatcher daemon, audispd, that preforms remote logging to an aggregate logging server.
TIPS
If you are aggregating multiple machines, you should enable node information in the audit event stream. You can do this in one of two
places. If you want computer node names written to disk as well as sent in the realtime event stream, edit the name_format option in
/etc/audit/auditd.conf. If you only want the node names in the realtime event stream, then edit the name_format option in /etc/audisp/aud-
ispd.conf. Do not enable both as it will put 2 node fields in the event stream.
FILES
/etc/audisp/plugins.d/au-remote.conf, /etc/audit/auditd.conf, /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf
SEE ALSO audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).
AUTHOR
Steve Grubb
Red Hat Mar 2008 AUDISP-REMOTE:(8)
Hi all,
My problem: I want to connect to a remote computer (in the same office as me) which is running a mySQL server, access a specific table and update it, beofre disconnecting from the server. Is this possible? If so, any links/tutorials which might be of use?
I had thought of some sort of... (6 Replies)
Hi,
I want to log-in to a remote server using shell script.
The server requires the following while allowing a connection:
username
password
one - letter authorisation.
How can i implement this in my script?
thanks,
abey (6 Replies)
Hi,
I use to access a file on remote server. Can I create a link for this file present on remote server on my local server, if yes then please let me know.
Thanx in advance. (7 Replies)
Hi,
i dont have remote m/c user credential. i only know remote m/c ip address. and i am able to ping that remote m/c.
In windows we use: "net time \\computername" to get the remote m/c time.
so how can i get remote m/c time in unix m/c? (means a unix command)
Thanks for the help.
... (9 Replies)
Hi,
I'm having a problem performing for loop on remote server, i know this can be done with one liner but i'm not sure how it works if using logical operator such as for ifs and case or while
for server in sterverA serverB serverC ; do
ssh -v $server "cd ~/MyDocuments/; bag=`find... (6 Replies)
Hi
I am trying to edit a text file on a remote server using sed from within a cygwin shell on a windows system.
$ sed -i "s/aaa/bbb/g" \\remoteHost\c$\log.info
sed: can't read \remoteHostc$log.info: No such file or directory
What am I missing ?
Thanks. (7 Replies)
I'm trying to pass there values from the present server to the remote server. here is the below code.
function abc() {
export a=$1
export b=$2
export c="$3"
export d="$4"
#servers
Servers=$(echo server40{1..3}p.s.com)
for host in ${Servers};
do
#server login
ssh $host... (4 Replies)
Hello,
I am trying to write log from sco box to a remote host.
We already have that setting working for linux server using syslog.
With this setting(on LINUX)
*.* @remote-host for sco I have this
*.debug /usr/adm/syslog
*.* ... (3 Replies)
i have doubt about how to power on server from remote location with out contacting with data center people? please anybody replay with whole info.
thank you. (3 Replies)
Hello All,
I want to replace a value of a string in a file on all the remote systems. The file is /opt/adapter/Adapter/snmp/conf/snmpd.conf and the parameter to be replaces if "rocommunity" for which current value is "public" and wish to change it to "sp1der".
i did trying it through sed, but... (4 Replies)
Hi all,
does any one have any idea on how to sets the remote server's name on ubuntu terminal tabs,
without making any changes to the remote server?
for example if i'm working on ssh root@test1
i would like it to be shown on the tittle's tab and if i connect on another it would do the same... (7 Replies)
hi,
can anyone tell me how can i store the names of a file that are in remote server to a file and then get the file that contains the name in local server?
there is a remote server where 5 files are present , say
a.txt
b.txt
c.txt
d.txt
e.txt
i want to write a script in my local... (4 Replies)
Dear members, The following expect script connects to remote node and check for the file "authorized_keys" in directory /root/.ssh in remote node. However the result is always found even if the file exist or doesn't exist.
expect {
"$fname" {
send_user "found\n"
}
Any idea what is... (4 Replies)
Hello all,
Newbie here.
I'm currently tasked with updating rsyslog.conf and auditd.conf on a large set of servers. I know the exact logging configurations that I want to enable. I have updated both files on on a server and hope to use the updated files as a template for the rest of the... (3 Replies)