In CA PAM we can store only limited records, so if we need all the data we have options such as a syslog server or a Splunk server. Currently, we are using CA PAM in the AWS environment.
So can these logs be forwarded to the S3 bucket in AWS?
Since the CA PAM appliance runs a Linux OS, having logrotate configured together with a simple cron job to upload compressed logs to an S3 bucket would eliminate the need to provision an extra server for logging.
Is this possible from the CA PAM appliance?
Release: 3.2.x, 3.3.x, 3.4.x
Component : PRIVILEGED ACCESS MANAGEMENT
This is a how-to query.
This has two aspects:
1. Is it possible to redirect syslogs to any Linux host that is in the same hosted platform (VM / AWS)?
2. Does CA PAM have the ability to send the session logs and syslogs directly to an AWS S3 bucket?
1. With CA PAM, syslogs can be forwarded to any syslog application host, as long as the syslog application accepts incoming traffic over the UDP port.
If the syslogs need to be sent to a Linux / UNIX host, refer to the documentation on how to set up the syslog service for the specific OS.
2. Currently, CA PAM does not have the ability to send session logs or syslogs directly to the S3 bucket. This would be a product enhancement request.
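One way to combine points 1 and 2 is a Linux relay host that receives the CA PAM syslog stream over UDP and ships the rotated files to S3. This is an added example, not configuration from the vendor documentation; it assumes rsyslog, logrotate and the AWS CLI on the relay, an instance role allowed to write to the bucket, and constructed placeholder values for the appliance address (10.0.1.25) and bucket name (EXAMPLE-PAM-LOG-BUCKET).

```conf
# ---- /etc/rsyslog.d/30-capam.conf (on the relay host) ----
# UDP syslog is unauthenticated and unencrypted: keep the relay in the same
# VPC/subnet as the appliance and allow UDP/514 only from the appliance
# address in the security group as well as in the filter below.
module(load="imudp")
input(type="imudp" port="514" ruleset="capam")

# One directory per sending address (constructed layout).
template(name="CapamFile" type="string"
         string="/var/log/capam/%fromhost-ip%/capam.log")

ruleset(name="capam") {
    # 10.0.1.25 is a placeholder for the CA PAM appliance address.
    if $fromhost-ip == "10.0.1.25" then {
        action(type="omfile" dynaFile="CapamFile"
               dirCreateMode="0750" fileCreateMode="0640")
    }
    # Anything else arriving on this port is dropped, not written to disk.
    stop
}

# ---- /etc/logrotate.d/capam (on the relay host) ----
/var/log/capam/*/capam.log {
    daily
    rotate 14
    dateext
    compress
    missingok
    notifempty
    sharedscripts
    postrotate
        # Make rsyslog reopen its output files after the rename.
        /usr/bin/systemctl kill -s HUP rsyslog.service
    endscript
    lastaction
        # Upload only compressed, rotated files. sync is idempotent, so a
        # file missed by one run is picked up by the next.
        /usr/bin/aws s3 sync /var/log/capam/ \
            s3://EXAMPLE-PAM-LOG-BUCKET/syslog/ \
            --exclude "*" --include "*.gz" --sse AES256
    endscript
}
```

Because UDP delivery is best effort, compare message volume on the relay against the appliance's local records before relying on the S3 copy as the audit trail.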