ACS (RedHat 7) Modules Management Pack

Microsoft.ACS.Linux.RHEL.7 :: 10.19.1008.0 (Management Pack)

This is the management pack to collect auditable syslogs from UNIX/Linux (RedHat 7) computer and write them to Security Event Log.

Summary

The Red Hat Enterprise Linux Server release 7 ACS Management Pack provides the means of collecting auditable syslogs from Red Hat Enterprise Linux Server release 7 Operating Systems and write them to the Windows Security Event Log.

Management Pack Elements

Classes (1)

 DisplayNameIDBase ClassAbstractHostedSingletonGroupExtensionAccessibility
Microsoft.ACS.Linux.RHEL.7.ACSEndPointRHEL 7 ACS EndpointMicrosoft.ACS.Linux.RHEL.7.ACSEndPointMicrosoft.ACS.Unix.ACSEndPointFalseTrueFalseFalseFalsePublic

Discoveries (1)

 DisplayNameIDTargetEnabled
Microsoft.ACS.Linux.RHEL.7.ACSEndPoint.DiscoveryDiscover Red Hat Enterprise Linux Server release 7 ACS EndpointMicrosoft.ACS.Linux.RHEL.7.ACSEndPoint.DiscoveryMicrosoft.ACS.Unix.ACSEndPointTrue

Rules (17)

 DisplayNameIDTargetCategoryEnabledAlert Generate
Microsoft.ACS.Linux.RHEL.7.Adding.GroupAdding Group (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Adding.GroupMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Adding.UserAdding User (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Adding.UserMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Adding.User.To.GroupAdding User to Group (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Adding.User.To.GroupMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Console.Login.FailedFailed Console Login (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Console.Login.FailedMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Console.Login.SucceededSuccessful Console Login (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Console.Login.SucceededMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Deleting.GroupDeleting Group (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Deleting.GroupMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Deleting.UserDeleting User (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Deleting.UserMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Deleting.User.From.GroupDeleting User from Group (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Deleting.User.From.GroupMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Password.Change.FailedFailed Password Change (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Password.Change.FailedMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Password.Change.SucceededSuccessful Password Change (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Password.Change.SucceededMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Ssh.FailedFailed ssh login (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Ssh.FailedMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Ssh.SucceededSuccessful ssh login (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Ssh.SucceededMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Su.FailedFailed su (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Su.FailedMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Su.SucceededSuccessful su (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Su.SucceededMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Sudo.FailedFailed sudo (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Sudo.FailedMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Sudo.InvalidInvalid sudo (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Sudo.InvalidMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.RHEL.7.Sudo.SucceededSuccessful sudo (Red Hat Enterprise Linux Server 7)Microsoft.ACS.Linux.RHEL.7.Sudo.SucceededMicrosoft.ACS.Linux.RHEL.7.ACSEndPointEventCollectionTrueFalse