IBM AIX Server
- What is Discovered and Monitored
- Event Types
- Rules
- Reports
- Configuration
- Settings for Access Credentials
What is Discovered and Monitored
Protocol |
Information Discovered |
Metrics collected |
Used for |
---|---|---|---|
SNMP | Host name, generic hardware (cpu, memory, network interface, disk), software (operating system version, installed software, running processes, open TCP/UDP ports) | Uptime, CPU/Memory/Network Interface/Disk space utilization, Network Interface Errors, Running Process Count, Installed Software change, Running process CPU/memory utilization, Running process start/stop, TCP/UDP port up/down | Performance Monitoring |
SSH | Hardware (cpu details, memory) | Memory paging rate, Disk I/O utilization | Performance Monitoring |
Syslog | Vendor, Model | General logs including Authentication Success/Failure, Privileged logons, User/Group Modification | Security Monitoring and Compliance |
Event Types
In ADMIN > Device Support > Event Types, search for "ibm_aix" to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
There are no predefined reports for this device.
Configuration
SNMP v1 and v2c
- Make sure that snmp libraries are installed. FortiSIEM has been tested to work with the default AIX package that comes with snmpd preinstalled.
- Start snmpd deamon with the default configuration by issuing
/etc/init.d/snmpd restart
. - Make sure that snmpd is running.
SSH
- Make sure that the
vmstat
andiostat
commands are available. If not, install these libraries. - Create a user account that can issue
vmstat
andiostat
commands. FortiSIEM will use that user account to log in to the server.
Syslog
- Makes sure that
/etc/syslog.conf
contains a*.*
entry and points to a log file.
. @<SENSORIPADDRESS>
- Refresh syslogd.
# refresh -s syslogd
Settings for Access Credentials
- SNMP, Telnet, and SSH Access Credentials for All Devices
- LDAP, LDAPS, LDAP Start TLS / OpenLDAP Access Credentials for All Devices
- LDAP, LDAPS, LDAP Start TLS / Microsoft Active Directory Access Credentials for All Devices
SNMP, Telnet, and SSH Access Credentials for All Devices
See Access Credentials.
LDAP, LDAPS, LDAP Start TLS / OpenLDAP Access Credentials for All Devices
Settings | Value |
---|---|
Name | <set name> |
Device Type | IBM AIX |
Access Protocol | LDAP / LDAPS / LDAP Start TLS |
Used For | OpenLDAP |
Server Port | 389 for LDAP, LDAP Start TLS; 636 for LDAPS |
Base DN | The Distinguished Name (DN) of the starting point for directory server searches |
Password Config | See Password Configuration |
User Name | Name of the user able to access this system |
Password | Password of the user able to access this system |
LDAP, LDAPS, LDAP Start TLS / Microsoft Active Directory Access Credentials for All Devices
Settings | Value |
---|---|
Name | <set name> |
Device Type | IBM AIX |
Access Protocol | LDAP / LDAPS / LDAP Start TLS |
Used For | Microsoft Active Directory |
Server Port | 389 for LDAP, LDAP Start TLS; 636 for LDAPS |
Base DN | The Distinguished Name (DN) of the starting point for directory server searches |
NetBIOS/Domain | The domain name or NetBIOS name attribute |
Password Config | See Password Configuration |
User Name | Name of the user able to access this system |
Password | Password of the user able to access this system |