Hi guys,
I am currently runnig hp-ux v11.3. I have enabled auditing and I am able to send the audit events to a text file in syslog format using the following command:
audisp -r /var/.audit/audtrail/auditfile -P -o follow -O sync | audit_p2l > /var/adm/auditlog
I am required to send the audit events to the SIEM appliance using syslog.
Kindly guide me on what I need to do to achieve the following:
[*]Make the syslog on the HP-UX server to send the events in this file /var/adm/auditlog to the SIEM
[*]Make the audit events to sent to the syslog directly without running the above command.
Is there a similar solution for HP-UX like what we have in redhat/centos/fedora.
Your assistance will be highly appreciated.