IBM AIX Server DSM overview
The IBM® AIX® Server DSM collects operating system and authentication events using syslog for users that interact or log in to your IBM AIX appliance.
The following table identifies the specifications for both IBM
AIX DSM Server:
Specification | Value |
---|---|
Manufacturer | IBM |
DSM names | IBM AIX Server |
RPM file names | DSM-IBMAIXServer-QRadar_version-build_number.noarch.rpm |
Supported versions | V5.X, V6.X, and V7.X |
Protocol type | Syslog |
QRadar recorded event types |
Login or logoff events Session opened or session closed events Accepted password and failed password events Operating system events |
Automatically discovered? | Yes |
Includes identity? | Yes |
More information | IBM website (http://www.ibm.com/) |
To integrate IBM
AIX Server events with QRadar, complete the following steps:
- If automatic updates are not enabled, RPMs are available for download from the IBM support website (http://www.ibm.com/support). Download and install the most recent
version of the following RPMs on your QRadar
Console:
- DSM Common RPM
- IBM AIX Server DSM RPM
- Configure your IBM AIX Server device to send syslog events to QRadar.
- Configure a syslog-based log source for your IBM
AIX Server device. Use the following protocol-specific
parameters:
Parameter Description Log Source Type IBM AIX Server Protocol Configuration Syslog