0 Replies Latest reply on Mar 25, 2016 7:07 AM by leshe4ka

    Receiving and parsing events from the AUDITD daemon in ESM

    leshe4ka

      Hello.

      Colleagues, has anyone tried to configure auditing in Linux/Unix not through SYSLOG but through the AUDITD daemon?

      And to receive events generated by the auditd service in ESM?

      Are there normalization rules in the Receiver for Linux/Unix auditing?

      Maybe someone has tried to collect events from auditd with the help of the SIEM Collector?

       

      Alex.