User guide
ManageEngine Firewall Analyzer :: User Guide 
Zoho Corp. 
Configuring Secure Computing Sidewinder  
Firewall Analyzer supports Sidewinder G2.  
Configuring Sidewinder To Send Audit Data To Firewall Analyzer  
1.  Open /etc/sidewinder/auditd.conf 
2.  Add the following line at the end of the file, to configure syslog to use the 
Sidewinder Export Format (SEF): 
syslog (local0 filters["NULL"] sef)
You can use ‘local0’ through ‘local7’ as names for the facility; they are predefined 
in syslogd. 
3.  Save the configuration and exit the editor. 
4.  Open /etc/syslog.conf 
5.  Append the line local0.* @<server_name> at the end of the file, where the
facility local0 must match the facility configured in step 2 and <server_name> is
the name of the machine where Firewall Analyzer is running.
6.  Save the configuration and exit the editor. 
7.  Look up syslog’s process ID by entering the following command: 
pss syslog 
8.  Implement the changes by restarting the syslogd and auditd processes, using the 
following two commands: 
kill -HUP <syslog process ID> 
cf server restart auditd 
The Sidewinder G2 will now send audit data to Firewall Analyzer. 
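A consistency check for steps 2 and 5, as an added example that is not part of the ManageEngine guide: it confirms that the facility on the SEF syslog line in auditd.conf is the one syslog.conf forwards to a remote host, since a mismatch leaves audit data on the firewall without any error. The function names, the sample files and the hostname fwanalyzer.example.test are constructed for illustration; point the functions at copies of the real files.

```shell
#!/bin/sh
# Added example, not vendor code: verify that the facility on auditd.conf's
# SEF syslog line (step 2) is the one syslog.conf forwards (step 5).

# Print the facility (local0..local7) of the active SEF syslog line.
sef_facility() {
    sed -n 's/^[[:space:]]*syslog[[:space:]]*([[:space:]]*\(local[0-7]\)[[:space:]].*sef[[:space:]]*).*/\1/p' "$1" | tail -n 1
}

# Print the remote host that <facility>.* is forwarded to. $1=file $2=facility
forward_target() {
    sed -n "s/^[[:space:]]*$2\.\*[[:space:]][[:space:]]*@\([^[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}

# Return 0 and print "facility -> host" when both files agree, 1 otherwise.
check_sef_forwarding() {
    fac=$(sef_facility "$1")
    [ -n "$fac" ] || { echo "no active SEF syslog line in $1" >&2; return 1; }
    host=$(forward_target "$2" "$fac")
    [ -n "$host" ] || { echo "$fac.* is not forwarded in $2" >&2; return 1; }
    echo "$fac -> $host"
}

# Constructed sample files; the hostname is a placeholder.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '# audit sinks' 'syslog (local0 filters["NULL"] sef)' > "$demo_dir/auditd.conf"
printf '%s\n' '*.err /var/log/messages' 'local0.* @fwanalyzer.example.test' > "$demo_dir/syslog.conf"
printf '%s\n' 'local1.* @fwanalyzer.example.test' > "$demo_dir/syslog.mismatch"

check_sef_forwarding "$demo_dir/auditd.conf" "$demo_dir/syslog.conf"
check_sef_forwarding "$demo_dir/auditd.conf" "$demo_dir/syslog.mismatch" || echo "facility mismatch detected"
```

Commented-out syslog lines are ignored, so a disabled SEF entry is reported as missing rather than as configured.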










