Procedure to process the audit_trail log into an external server
####
Audit logging is controlled by
syslogd. Crossbeam uses a reserved facility (
local6) to send audit-trail messages.
# tail -1 /etc/syslog.conf
local6.* /var/log/audit_trail.log
Instead of a local file, you can specify an external server to send audit logs. For example:
You must add the server IP address and hostname to the
/etc/hosts file and then restart the
syslogd process.
# echo "IP server.com" >> /etc/hosts
# service syslogd restart Workaround
N/A