Openbsd - Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual

63
Step 1
Step 2
Step 3
Step 4
Step 5
O BSD
PEN
A STRM OpenBSD DSM accepts events using syslog. STRM records all relevant
informational, authentication, and system level events.
Before you configure STRM to integrate with OpenBSD, you must:
Log in as a root user.
Open the
/etc/syslog.conf
Add the following line to the top of the file. Make sure all other lines remain intact:
*.* @<IP address>
Where is the IP address of the STRM system.
IP address
Save and exit the file.
Send a hang-up signal to the syslog daemon to make sure all changes are
enforced:
kill -HUP `cat /var/run/syslog.pid`
Note: The character in the above command is the one next to the 1 key on the
`
keyboard, not a single quote character.
You are now ready to configure the sensor device within the STRM interface. To
configure STRM to receive events from an OpenBSD server, you must select the
OpenBSD OS option from the Sensor Device Type drop-down list box. For more
information on configuring sensor devices, see the Managing Sensor Devices
Guide.
See your OpenBSD documentation for more information.
Configuring DSMs Guide
file.