RSA Admin

Unable to generate any meaningful reports out of the Solaris server logs

Discussion created by RSA Admin Employee on Mar 1, 2010
Latest reply on Mar 1, 2010 by RSA Admin

Hi there,

We have roughly 20 Solaris server logs integrated to envision. For some reason, we are unable to generate any meaningful reports using the built-in reports that comes out of the box with envision.

 

Solaris servers are of v8, 9 and 10, although they are promptly sending the logs to envision. I think envision is not parsing the logs properly and therefore, unable to generate reports.

 

Btw, we did not completely follow the instructions as recommended by RSA for Solaris server integration as our UNIX administrators found it too comprehensive. I believe they configured the syslog.conf and couple of other files to syslog the events to envision ser ver collector IP. Is anyone else facing a similar issue?

 

Thanks in advance,

Tera

Outcomes