Chat now with support
Chat with Support

InTrust 11.4.1 - Preparing for Auditing Privilege Manager for Sudo

Step 1. Install InTrust with Privilege Manager for Sudo Knowledge Pack

First of all, you need to install InTrust in your environment. In order to work with Privilege Manager for Sudo, make sure that during setup you selected the Privilege Manager for Sudo Knowledge Pack to install with InTrust.

Caution: In addition to the Privilege Manager for Sudo Knowledge Pack, you need to install the Knowledge Pack for Linux or at least one of the Unix systems supported by InTrust.

For detailed guidelines on installing InTrust, refer to the InTrust Deployment Guide.

Predefined Objects

The Privilege Manager for Sudo Knowledge Pack installation brings the following objects to InTrust:

  • Data source: “Privilege Manager for Sudo Syslog”
  • Gathering policy: “Privilege Manager for Sudo: All Syslog Events”
  • Import policy: “Privilege Manager for Sudo: All Syslog Events”
  • Tasks: “Privilege Manager for Sudo Syslog - daily collection", "Privilege Manager for Sudo weekly reporting”
  • Site: “Privilege Manager for Sudo master hosts”

Step 2. Install the Agent

You need to install an InTrust agent on any Privilege Manager for Sudo master host from which you need to gather audit data. Currently, InTrust supports installing agent on master hosts running one of the following operating systems:

  • HP-UX 11i version 1, 2, and 3
  • HP-UX Itanium 11i version 1, 2, and 3
  • Red Hat Enterprise Server version 4 AS/ES
  • Red Hat Enterprise Linux version 5 and 6
  • Red Hat Enterprise Linux (64-bit edition) version 5 and 6
  • SuSE Enterprise Server version 10 and 11
  • SuSE Enterprise Server (64-bit edition) version 10 and 11

For details about installing the InTrust agent on any of these operating systems, see Installing Agents Manually.

Step 3. Establish a Connection with InTrust Server

See Establishing a Connection with the Server in Installing Agents Manually.

Step 4. Add Agent to Site on InTrust Server

To add the agent to your InTrust site, take the following steps:

  1. In Quest InTrust Manager | Configuration | Sites | Unix Network, right-click the Privilege Manager for Sudo master hosts node and then click Add | Computer.
  2. Type in the name of agent previously installed on step 2.

Note: To view agents registered for this InTrust server, open Quest InTrust Manager | Configuration | InTrust Servers | <Server Name> | Agents node in the left-pane.

  1. Click Commit on the toolbar to apply changes.
Related Documents