CA PAM Configuration :
Configuration -> Logs -> Syslog
Enable syslog to the specified server : check
Remote Server (2 max, delimited by a '|') : XXX.XX.XX.XX(IP address of syslog server)
Remote Port(leave blank if default): 514
However, the PAM log is not sent to the syslog server.
Release : All supported versions of CA PAM.
Component : PRIVILEGED ACCESS MANAGEMENT
Please check if the port is listen.
<Sample for Linux 7>
1: Please check /etc/rsyslog.conf file.
# Provides UDP syslog reception
#$ModLoad imudp.so
#$UDPServerRun 514
The above lines are commented.
So please uncomment thg line.
# Provides UDP syslog reception
$ModLoad imudp.so
$UDPServerRun 514
2: Please restart syslog daemon.
#service rsyslog restart
3: Please check the port.
#netstat -an | grep -i udp | grep 514