Quantcast
Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Viewing all articles
Browse latest Browse all 5385

Re: File monitoring on Linux

$
0
0

The auditd log is what captures those events in Linux, and LEM has a reader for the auditd.log.  The only trick is that different distros may move auditd.log around or change the name, so you'll have to make sure you specify the correct path and file in the connector configuration.

 

In Centos 7 it's in /var/log/audit/audit.log, for example.

 

2016-03-21 12_28_47-SolarWinds Log & Event Manager.png


Viewing all articles
Browse latest Browse all 5385

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>