Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

sending /var/log/audit/audit.logs to NagiosLS

https://support.nagios.com/forum/viewtopic.php?t=53295

Page 1 of 1

sending /var/log/audit/audit.logs to NagiosLS

Posted: Wed Apr 03, 2019 7:01 am
by csirico
Greetings
Just getting into using the Nagios Log Server. I added a Linux source using the configuration script (setup-Linux.sh) which works great.
I understand that veiws what is normally seen in /var/log/messages.
In our environment, we also configure /etc/audit/audit.rules to capture specific events IAW DISA Stigs. I haven't been successful in trying to get the output of /var/log/audit/audit.logs to the Nagios LS.
Any help would be appreciated - Thank you

Re: sending /var/log/audit/audit.logs to NagiosLS

Posted: Wed Apr 03, 2019 4:47 pm
by ssax
Please go to Home > Other > Linux Files:
- Run the auto script
---- NOTE: Change X.X.X.X in both commands to the IP of your Nagios Log Server

Code: Select all

curl -sS -O http://X.X.X.X/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s X.X.X.X -p 5544 -f "/var/log/audit/audit.log" -t AUDIT_LOG

Re: sending /var/log/audit/audit.logs to NagiosLS

Posted: Thu Apr 04, 2019 11:47 am
by csirico
I was going about it the wrong way, this is much easier. Since we are building this through puppet and deploying these systems elsewhere,
this is much easier to incorporate into puppet

Thank you - :)

Re: sending /var/log/audit/audit.logs to NagiosLS

Posted: Thu Apr 04, 2019 12:59 pm
by scottwilkerson
csirico wrote:I was going about it the wrong way, this is much easier. Since we are building this through puppet and deploying these systems elsewhere,
this is much easier to incorporate into puppet

Thank you - :)
Great!

Locking thread
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited