Configuring Linux
You can configure RSA Authentication Manager for syslog on Linux based operating systems:
- Log in to the RSA Security Console command-line interface (CLI).
- Open the following file for editing based on your operating
system:
/usr/local/RSASecurity/RSAAuthenticationManager/utils/resources /ims.properties - Add the following entries to the ims.properties file:
ims.logging.audit.admin.syslog_host = <IP address> ims.logging.audit.admin.use_os_logger = true ims.logging.audit.runtime.syslog_host = <IP address> ims.logging.audit.runtime.use_os_logger = true ims.logging.system.syslog_host = <IP address> ims.logging.system.use_os_logger = true
Where <IP address> is the IP address or host name of JSA.
- Save the ims.properties files.
- Open the following file for editing:
/etc/syslog.conf
- Type the following command to add JSA as
a syslog entry:
*.* @<IP address>Where <IP address> is the IP address or host name of JSA.
- Type the following command to restart the syslog services
for Linux.
service syslog restart
- You can now configure the log sources and protocol in JSA: To configure JSA to receive events from
your RSA Authentication Manager: From the Log Source Type list, select the RSA Authentication Manager option.
For more information on configuring syslog forwarding, see your RSA Authentication Manager documentation.