AIX Open Source

AIX Open Source

Share your experiences and connect with fellow developers to discover how to build and manage open source software for the AIX operating system

 View Only

  • 1.  auditbeat configuration

    Posted Wed October 02, 2024 05:29 AM

    Hello , 

    By any chance, has anyone already configured the AUDITBEAT product, from the toolbox? 

    I made a conf for rhel (x86) but listing under AIX the folders created (/opt/freeware/share/auditbeat/bin/auditbeat, /opt/freeware/share/auditbeat/kibana) and the only 2 files of conf offered (auditbeat.yml and fields.yml), I cannot start the service, nor know where to configure the ip addresses for the elastricsearch server nor the logstash.
    The only message I get is a missing or unconfigured module: 

     /opt/freeware/share/auditbeat/bin #./auditbeat test config                         
    Exiting: 1 error: no metricsets configured for module 'system'

    Thanks in advance

    Fred

    ps : I'd prefer to use the native auditd module, but our partner need to use auditbeat uploads.



    ------------------------------
    Frederic PONCE
    ------------------------------


  • 2.  RE: auditbeat configuration

    Posted Thu October 03, 2024 05:54 AM

    auditd is part of the LINUX audit framework...i can hardly imagine how this could do anything in aix.

    concerning your error message..i heard somewhere in a far and distant past that the system module is not included in the "free" apache 2.0 licensed version of of auditbeat.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message