...

| Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method |
|---|---|---|---|
| Linux Auditing System (AuditD) | AUDITD | Syslog KV/Unstructured | CyberHub |
| Linux Sysmon | LINUX_SYSMON (Raw log telemetry) | Syslog XML | CyberHub |
| Unix system | NIX_SYSTEM | Syslog Unstructured | CyberHub |

...

To Configure Linux Sysmon logging

Please follow the steps below to enable raw log telemetry.

The steps below have been validated on the following Linux distributions: Ubuntu v22.04.4 LTS, RHEL v9.3 and Debian v12.5.

...

To Forward All the Linux OS Logs to CyberHub

The steps below have been validated on the following Linux distributions: Ubuntu v22.04.4 LTS, RHEL v9.3, Debian v12.5, IBM PowerVM v10.x and SUSE Linux Enterprise v15.5.

  1. Modify or create the /etc/rsyslog.d/50-default.conf file and add the following line at the end of the file:

*.* @@FORWARDER_IP:601

Replace FORWARDER_IP with the CyberHub IP. The @@ indicates that TCP is used to send the message.
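To confirm that a host's rsyslog file really carries the TCP rule described above, and not a single-@ UDP rule, the following check can be used. It is an added example, not part of the original CyberHub instructions; the function names are hypothetical and 192.0.2.10 is a constructed stand-in for FORWARDER_IP.

```bash
#!/usr/bin/env bash
# Added example: audit legacy-syntax forwarding actions in an rsyslog config.
# "@@host:port" forwards over TCP; a single "@" forwards over UDP.

# Print "selector protocol host port" for each forwarding rule in file $1.
list_forwarders() {
    awk '
        /^[ \t]*#/ || NF < 2 { next }          # skip comments and non-rule lines
        $2 ~ /^@/ {
            target = $2
            proto = (target ~ /^@@/) ? "tcp" : "udp"
            sub(/^@+/, "", target)
            port = "514"                       # rsyslog default if none given
            if (match(target, /:[0-9]+$/)) {
                port = substr(target, RSTART + 1)
                target = substr(target, 1, RSTART - 1)
            }
            print $1, proto, target, port
        }
    ' "$1"
}

# Succeed only if file $1 sends every facility and priority (*.*)
# to host $2, port $3 over TCP.
check_forwarding() {
    list_forwarders "$1" | grep -qxF "*.* tcp $2 $3"
}

# Constructed sample config; 192.0.2.10 stands in for FORWARDER_IP.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from a real host
auth,authpriv.*   /var/log/auth.log
kern.*            @192.0.2.10:514
*.* @@192.0.2.10:601
EOF
}

cfg=$(mktemp)
write_sample "$cfg"
list_forwarders "$cfg"
if check_forwarding "$cfg" 192.0.2.10 601; then
    echo "OK: *.* is forwarded to 192.0.2.10:601 over TCP"
else
    echo "MISSING: no TCP rule for *.* to 192.0.2.10:601"
fi
rm -f "$cfg"
```

On a real host, point `check_forwarding` at /etc/rsyslog.d/50-default.conf with the actual CyberHub IP and port 601.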

...