000037450 - How to Send AAoP SysLog to SIEM RSA SA NetWitness Tool in an environment with Apache Tomcat deployed

Document created by RSA Customer Support Employee on May 13, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037450
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Product/Service Type: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.1 P6
IssueHow to Send AAoP SysLog to SIEM RSA SA Netwitness Tool in an environment with Apache Tomcat deployed
ResolutionThis article details the steps to be taken for sending AAoP syslogs to SIEM RSA SA Netwitness Tool.
The changes are to be made in the log4j.properties file under Adaptive Authentication, Adaptive Authentication Admin, Access Management and Case Management respectively.
Also, the IP address (SA-IP-address) of the Netwitness monitoring tool (SIEM RSA SA) will be required to make the changes. The exact steps to be taken to configure the changes are detailed in the attached document.

Outcomes