Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Log & Event Manager (LEM) > Install Agent on Solaris server

Install Agent on Solaris server

Table of contents
Created by Tim Rush, last modified by Steven Bansil on Jun 27, 2016

Views: 131 Votes: 0 Revisions: 6

Overview

Install and configure the Solaris agent to log data to the LEM.

Environment

  • All versions of LEM
  • Solaris operating system installed
  • Same procedure applicable if Solaris on Sparc or Intel hardware architecture.

Steps

1. Download the agent installer to a Windows computer.

2. Unzip the agent to expose the "setup.bin" file.

3. Use WINSCP or other method to copy the installer file to the Solaris server.

4. Log onto the Solaris server as root, and go to the directory where the installer resides.

5. Change the permissions "chmod 777 setup.bin".

6. Launch the installer by entering  "setup.bin".

7. Answer all the questions, and specifying the IP-address or hostname of the LEM.

8. Solaris (like all Unix and Linux) can be customized where startup scripts are kept.
     (copy the file "SWLEM-agent" (from /usr/local/contego/ContegoSPOP/SWLEM-agent) to the startup scripts, ie...  /etc/init.d/ )

9. Manually start the Solaris agent:  /usr/local/contego/ContegoSPOP/SWLEM-agent.

10. Open the LEM GUI-console, select Manage > Appliances, and watch for the agent to connect.

11. Configure the connectors on the agent by clicking "connectors" on the left gear.
     (or use Build > Groups from the top navigation to create a new connector profile.)

12. Connectors will be named with Solaris, and assumes that you have installed either the BSM or the Snare auditing for Solaris.

13. Create a filter under Monitor, or create an nDepth search "AnyAlert.ToolAlias = solaris", and observe the log data.

 

 

Last modified
22:52, 26 Jun 2016

Tags

Classifications

Public