PAM Syslog Not collected.
search cancel

PAM Syslog Not collected.

book

Article ID: 143327

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

CA PAM Configuration : 

Configuration -> Logs -> Syslog

Enable syslog to the specified server : check

Remote Server (2 max, delimited by a '|') :  XXX.XX.XX.XX(IP address of syslog server)

Remote Port(leave blank if default): 514

However, the PAM log is not sent to the syslog server.

 

Environment

Release : All supported versions of CA PAM.

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Please check if the port is listen.

<Sample for Linux 7>


1: Please check /etc/rsyslog.conf file.

# Provides UDP syslog reception

#$ModLoad imudp.so

#$UDPServerRun 514

The above lines are commented.
So please uncomment thg line.
# Provides UDP syslog reception

$ModLoad imudp.so

$UDPServerRun 514

2: Please restart syslog daemon.
#service rsyslog restart

3: Please check the port.
#netstat -an | grep -i udp | grep 514

Powered by Wolken Software