For systems that use the Internet network management protocol SNMP (Simple Network Management Protocol), you can configure selogrd to create SNMP traps using CA ControlMinder audit records.
To implement the SNMP traps, first locate the SNMP shared objects provided in the CA ControlMinder libraries, and then configure selogrd correctly using these shared objects.
Note: If you want to use the SNMP extension of selogrd, and CA ControlMinder is not installed in the default location (/opt/CA/AccessControl), set an environment variable before running selogrd. The environment variables are as follows, where ACInstallDir is the directory where you installed CA ControlMinder:
The shared objects-usually found in the directory ACInstallDir/lib- are called snmp.xx and libsnmp.xx, where the xx extension varies according to the platform. The possible extensions are:
If you want to use the SNMP extension of selogrd, and CA ControlMinder is not installed in the default location, you must set the following environment variables before running selogrd:
where ACInstallDir is the directory where you installed CA ControlMinder.
Follow these steps:
snmp /opt/CA/AccessControl/lib/snmp.so
For example, suppose you want to have SNMP traps activated when CA ControlMinder starts and shuts down, and have notification of these SNMP traps sent to AuditPC. You can do this by adding the following section to the selogrd.cfg configuration file:
snmpRule snmp AuditPC include Class(START). include Class(SHUTDOWN). .
Note: To send SNMP traps to a gateway with a community name, use the following format:
snmp gateway[@community name]
Example:
snmp AuditPC@secure
Similarly, you can activate the SNMP traps by other actions or types of access, or have them sent to other locations.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|