I have two RHEL 9.4 systems and I want to configure auditing on *both* systems. The one RHEL system will be used for a basic linux system for testing, and the other will be used for a Syslog server for collection before forwarding to a remote location for storage.
* Both systems should audit the same parameters.
* The test RHEL box should forward the audit logs collected over TLS to the remote Syslog server (typically done over port 6514, I believe) and the Syslog server should send it's logs over loopback over port 6514 where a process will be placed to ingest those logs over that port and forward to a remote location.
The process to collect those logs isn't what is needed. The set up and configuration of what was listed above on both sides to include setting up TLS with a self-signed certificate is what is needed.
Can anyone assist in this?
Asked by jkells
(1 rep)
Oct 21, 2024, 03:14 PM
Last activity: Oct 22, 2024, 12:58 PM
Last activity: Oct 22, 2024, 12:58 PM