ACS (RedHat 4) Modules Management Pack

Microsoft.ACS.Linux.RHEL.4 :: 7.5.1005.0 (Management Pack)

This is the management pack to collect auditable syslogs from UNIX/Linux (RedHat 4) computer and write them to Security Event Log.

Summary

The Red Hat Enterprise Linux ES release 4 ACS Management Pack provides the means of collecting auditable syslogs from Red Hat Enterprise Linux ES release 4 Operating Systems and write them to the Windows Security Event Log.

Management Pack Elements

Classes (1)

 DisplayNameIDBase ClassAbstractHostedSingletonGroupExtensionAccessibility
Microsoft.ACS.Linux.RHEL.4.ACSEndPointRHEL 4 ACS EndpointMicrosoft.ACS.Linux.RHEL.4.ACSEndPointMicrosoft.ACS.Unix.ACSEndPointFalseTrueFalseFalseFalsePublic

Discoveries (1)

 DisplayNameIDTargetEnabled
Microsoft.ACS.Linux.RHEL.4.ACSEndPoint.DiscoveryDiscover Red Hat Enterprise Linux Server 4 ACS EndpointMicrosoft.ACS.Linux.RHEL.4.ACSEndPoint.DiscoveryMicrosoft.ACS.Unix.ACSEndPointTrue

Rules (17)

 DisplayNameIDTargetCategoryEnabledAlert Generate
Microsoft.ACS.Linux.RHEL.4.Adding.GroupAdding Group (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Adding.GroupMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Adding.UserAdding User (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Adding.UserMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Adding.User.To.GroupAdding User to Group (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Adding.User.To.GroupMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Console.Login.FailedFailed Console Login (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Console.Login.FailedMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Console.Login.SucceededSuccessful Console Login (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Console.Login.SucceededMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Deleting.GroupDeleting Group (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Deleting.GroupMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Deleting.UserDeleting User (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Deleting.UserMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Deleting.User.From.GroupDeleting User from Group (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Deleting.User.From.GroupMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Password.Change.FailedFailed Password Change (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Password.Change.FailedMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Password.Change.SucceededSuccessful Password Change (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Password.Change.SucceededMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Ssh.FailedFailed ssh login (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Ssh.FailedMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Ssh.SucceededSuccessful ssh login (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Ssh.SucceededMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Su.FailedFailed su (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Su.FailedMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Su.SucceededSuccessful su (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Su.SucceededMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Sudo.FailedFailed sudo (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Sudo.FailedMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Sudo.InvalidInvalid sudo (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Sudo.InvalidMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.4.Sudo.SucceededSuccessful sudo (Red Hat Enterprise Linux Server 4)Microsoft.ACS.Linux.RHEL.4.Sudo.SucceededMicrosoft.ACS.Linux.RHEL.4.ACSEndPointEventCollectionTrueFalse