Install and configure SolarWinds SEM agent on a Solaris server
This article provides steps on how to Install and configure the Solaris agent and connectors to log Solaris daemon logs to the Security Event Manager (formerly Log & Event Manager).
NOTE: This article assumes that you have enabled Solaris Basic Security Mode (BSM). If not follow my article Enabling the Solaris Auditing Subsystem.
- Download the Solaris SEM agent installer from your SolarWinds customer portal to a computer.
- Upload the downloaded agent to /var/tmp on your Solaris server
- Extract the agent:
# cd /var/tmp # unzip SolarWinds.....
If you uploaded the file as a user other than root, then check if the file has execute perm for the user if not give executable perm viachmod +x setup.bin
- Launch the installer:
# ./setup.bin
- Answer all the questions and specify the IP address/FQDN of your SEM Appliance when prompted.
- Manually start the Solaris agent:
# /usr/local/contego/ContegoSPOP/SWLEM-agent start
- Copy the file "SWLEM-agent" (from /usr/local/contego/ContegoSPOP/SWLEM-agent)
# cp /usr/local/contego/ContegoSPOP/SWLEM-agent /etc/init.d
- To verify the process is running:
# ps -ef | grep contego
-
To stop the agent, run:
# /etc/init.d/SWLEM-agent stop
- Finally, follow the document Configure SEM connectors to configure individual connectors for the logs you would like to monitor.