How do I configure a running Unix agent to find the Security Manager consolidator? (NETIQKB46158)

  • 7746158
  • 02-Feb-2007
  • 21-Aug-2007

Resolution

goal
How do I configure a running Unix agent to find the Security Manager consolidator?

goal
How do I modify the IDMEF_DESTINATIONS parameter?

goal
How do I specify a Security Manager central computer IP address and port number on a Unix agent?

fact
VigilEnt Security Agent for Unix 5.0

fact
Unix Manager 5.0

fix

Use either ofthe following methods to enable a running Unix agent to find the Security Manager consolidator:

  • Automatic configuration, using Unix Manager.
  • Manual configuration, performed by editing the /etc/vsaunix.cfg file directly on the agent.

Note: NetIQ Corporation recommends that you use the Unix Manager to make this change.

In both of the following procedures, IPADDRESS is the IP addres of the Security Manager central computer acting as the consolidator.

To use Unix Manager to create or update the IDMEF_DESTINATIONS parameter:

  1. Start the Unix Manager console.

  2. Expand Manage Agents  -> Hosts  -> Configure Agents.

  3. Select the required computer.

  4. Note: Scanned hosts appear in the Configure Agents list.
  5. In the Central Computer IP Address and Port  text box, type the following:

  6. IDMEF_DESTINATION=IPADDRESS:1626

    Note: If necessary, you can specify a port other than the default,1626.

  7. Click OK.

To manually create or update the IDMEF_DESTINATIONS parameter:

  1. On the agent computer, log in as root.

  2. Change directories to /etc.

  3. Using vi or another text editor, open the vsaunix.cfg file.

  4. Anywhere above the export line in this file, add a line that contains the IP address and port number for the Security Manager consolidator computer:

  5. IDMEF_DESTINATION=IPADDRESS:1626

    Note: If necessary, you can specify a port other than the default,1626.

  6. Save and close the file.



note
If you still experience problems after performing one of the configuration procedures, you may want to learn more about agent troubleshooting.  For more information, see NetIQ Knowledge Base article NETIQKB47264, How to troubleshoot Unix agent ( VSAU ) alerts not getting to the SM Consolidator.

Additional Information

Formerly known as NETIQKB46158

Feedback service temporarily unavailable. For content questions or problems, please contact Support.