sending /var/log/audit/audit.logs to NagiosLS

[csirico]

Greetings
Just getting into using the Nagios Log Server. I added a Linux source using the configuration script (setup-Linux.sh) which works great.
I understand that veiws what is normally seen in /var/log/messages.
In our environment, we also configure /etc/audit/audit.rules to capture specific events IAW DISA Stigs. I haven't been successful in trying to get the output of /var/log/audit/audit.logs to the Nagios LS.
Any help would be appreciated - Thank you

[ssax]

Please go to Home > Other > Linux Files:
- Run the auto script
---- NOTE: Change X.X.X.X in both commands to the IP of your Nagios Log Server

Code: Select all

curl -sS -O http://X.X.X.X/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s X.X.X.X -p 5544 -f "/var/log/audit/audit.log" -t AUDIT_LOG

[csirico]

I was going about it the wrong way, this is much easier. Since we are building this through puppet and deploying these systems elsewhere,
this is much easier to incorporate into puppet

Thank you -

[scottwilkerson]

I was going about it the wrong way, this is much easier. Since we are building this through puppet and deploying these systems elsewhere,
this is much easier to incorporate into puppet

Thank you -

Great!

Locking thread