Chat now with support
Chat with Support

InTrust 11.3.2 - Preparing for Auditing Privilege Manager for Sudo

Step 1. Install InTrust with Privilege Manager for Sudo Knowledge Pack

First of all, you need to install InTrust in your environment. In order to work with Privilege Manager for Sudo, make sure that during setup you selected the Privilege Manager for Sudo Knowledge Pack to install with InTrust.

Caution: Knowledge Pack for at least one of the supported by InTrust Unix systems (namely, AIX, HP-UX, Solaris, Linux) must be installed for InTrust in addition to the Privilege Manager for Sudo Knowledge Pack.

For detailed guidelines on installing InTrust, refer to the InTrust Deployment Guide.

Predefined Objects

The Privilege Manager for Sudo Knowledge Pack installation brings the following objects to InTrust:

  • Data source: “PM for Sudo Syslog”
  • Gathering policy: “PM for Sudo: All Syslog Events”
  • Import policy: “PM for Sudo: All Syslog Events”
  • Tasks: “PM for Sudo Syslog - daily collection", "PM for Sudo weekly reporting”
  • Site: “PM for Sudo master hosts”

Step 2. Install the Agent

You need to install an InTrust agent on any Privilege Manager for Sudo master host from which you need to gather audit data. Currently, InTrust supports installing agent on master hosts running one of the following operating systems:

  • AIX version 5.3, 6.x, and 7.1
  • HP-UX 11i version 1, 2, and 3
  • HP-UX Itanium 11i version 1, 2, and 3
  • Solaris-SPARC version 8, 9, and 10
  • Solaris-Intel version 8, 9, and 10
  • Red Hat Enterprise Server version 4 AS/ES
  • Red Hat Enterprise Linux version 5 and 6
  • Red Hat Enterprise Linux (64-bit edition) version 5 and 6
  • SuSE Enterprise Server version 10 and 11
  • SuSE Enterprise Server (64-bit edition) version 10 and 11

For details about installing the InTrust agent on any of these operating systems, see Installing Agents Manually.

Step 3. Establish a Connection with InTrust Server

See Establishing a Connection with the Server in Installing Agents Manually.

Step 4. Add Agent to Site on InTrust Server

To add the agent to your InTrust site, take the following steps:

  1. In Quest InTrust Manager | Configuration | Sites | Unix Network, right-click the PM for Sudo master hosts node and then click Add | Computer.
  2. Type in the name of agent previously installed on step 2.

Note: To view agents registered for this InTrust server, open Quest InTrust Manager | Configuration | InTrust Servers | <Server Name> | Agents node in the left-pane.

  1. Click Commit on the toolbar to apply changes.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating