Cron is a Solaris daemon utility that automates scripts and
commands to run system-wide on a scheduled basis.
About this task
The following steps provide an example for automating newauditlog.sh to run daily at midnight. If
you need to retrieve log files multiple times a day from your Solaris system, you must alter your
cron schedule.
Procedure
- Type the following command to create a copy of your cron file:
- Type the following command to edit the cronfile:
- Add the following information to your cronfile:
  0 0 * * * /etc/security/newauditlog.sh
- Save the change to the cronfile.
- Type the following command to add the cronfile to crontab:
- You can now configure the log source in IBM QRadar to retrieve the Sun Solaris BSM audit log files.
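The procedure above as a script, added here as an illustration and not part of IBM's documentation. It assumes the standard `crontab -l` and `crontab <file>` commands and a system `mktemp`; the function names, temporary file path and `.orig` rollback copy are hypothetical. The job is appended only when no active entry for the script exists, so rerunning it does not schedule duplicates.

```shell
#!/bin/sh
# Added example: schedule newauditlog.sh without creating duplicate cron jobs.
SCRIPT=/etc/security/newauditlog.sh
DEFAULT_SCHEDULE='0 0 * * *'          # daily at midnight, as in the procedure

# add_audit_job FILE [SCHEDULE]
# Appends "SCHEDULE SCRIPT" to FILE unless an active (uncommented) job for
# SCRIPT is already present. Returns 0 if a line was added, 1 if not.
add_audit_job() {
    file=$1
    schedule=${2:-$DEFAULT_SCHEDULE}
    if grep -v '^ *#' "$file" 2>/dev/null | grep "$SCRIPT" >/dev/null; then
        return 1
    fi
    printf '%s %s\n' "$schedule" "$SCRIPT" >> "$file"
}

# install_audit_job [SCHEDULE]
# Copy the current crontab, add the job to the copy, load the copy back.
install_audit_job() {
    cronfile=$(mktemp /tmp/cronfile.XXXXXX) || return 1   # hypothetical path
    crontab -l > "$cronfile" 2>/dev/null || :   # no crontab yet: start empty
    cp "$cronfile" "$cronfile.orig"             # kept for rollback
    if add_audit_job "$cronfile" "$1"; then
        crontab "$cronfile" || { echo "crontab rejected $cronfile" >&2; return 1; }
        echo "job added; previous crontab saved as $cronfile.orig"
    else
        echo "job for $SCRIPT already scheduled; crontab unchanged"
    fi
    rm -f "$cronfile"
    crontab -l | grep "$SCRIPT"                 # confirm what cron will run
}

# Usage, run as the user whose crontab should hold the job:
#   install_audit_job                      # daily at midnight
#   install_audit_job '0 0,6,12,18 * * *'  # four times a day
```

The second usage line covers retrieving log files multiple times a day; a comma-separated list of hours is used because it is accepted by every cron implementation.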
What to do next
You are now ready to configure a log source in QRadar.