Determine the cause for missing IDS syslogd output.
Procedure
Perform the following steps:
- Ensure that Policy Agent is running on this system
- Ensure that TRMD is running for this stack on this system.
Consider using TCPIP PROFILE Autolog for TRMD.
- Ensure that syslogd is running on this system.
- Ensure that syslogd is configured for IDS output:
- TRMD always writes to the syslog daemon facility.
- Events are written to the syslog level configured in the relevant
policy. Statistics are always written to INFO level.
- If running multiple TRMDs, consider using trmd jobname prefix
to separate IDS output by stack.