ACS (SLES 12) Modules Management Pack

Microsoft.ACS.Linux.SLES.12 :: 10.19.1008.0 (Management Pack)

This is the management pack to collect auditable syslogs from UNIX/Linux (SLES 12) computer and write them to Security Event Log.

Summary

The SUSE Linux Enterprise Server 12 ACS Management Pack provides the means of collecting auditable syslogs from SUSE Linux Enterprise Server 12 Operating Systems and write them to the Windows Security Event Log.

Management Pack Elements

Classes (1)

 DisplayNameIDBase ClassAbstractHostedSingletonGroupExtensionAccessibility
Microsoft.ACS.Linux.SLES.12.ACSEndPointSLES 12 ACS EndpointMicrosoft.ACS.Linux.SLES.12.ACSEndPointMicrosoft.ACS.Unix.ACSEndPointFalseTrueFalseFalseFalsePublic

Discoveries (1)

 DisplayNameIDTargetEnabled
Microsoft.ACS.Linux.SLES.12.ACSEndPoint.DiscoveryDiscover SUSE Linux Enterprise Server 12 ACS EndpointMicrosoft.ACS.Linux.SLES.12.ACSEndPoint.DiscoveryMicrosoft.ACS.Unix.ACSEndPointTrue

Rules (21)

 DisplayNameIDTargetCategoryEnabledAlert Generate
Microsoft.ACS.Linux.SLES.12.Adding.GroupAdding Group (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Adding.GroupMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Adding.UserAdding User (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Adding.UserMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Adding.User.To.GroupAdding User to Group (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Adding.User.To.GroupMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Console.FailedFailed Console Login (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Console.FailedMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Console.InvalidInvalid Console Login (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Console.InvalidMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Deleting.GroupDeleting Group (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Deleting.GroupMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Deleting.UserDeleting User (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Deleting.UserMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Deleting.User.From.GroupDeleting User from Group (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Deleting.User.From.GroupMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Password.Change.FailedFailed Password Change (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Password.Change.FailedMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Password.Change.From.Root.SucceededSuccessful Password Change from root user (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Password.Change.From.Root.SucceededMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Password.Change.From.User.SucceededSuccessful Password Change from non-root user (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Password.Change.From.User.SucceededMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Password.Change.Maximum.TriesMaximum Tried Password Change (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Password.Change.Maximum.TriesMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Ssh.FailedFailed ssh login (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Ssh.FailedMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Ssh.InvalidInvalid ssh login (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Ssh.InvalidMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Ssh.SucceededSuccessful ssh login (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Ssh.SucceededMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Su.FailedFailed su (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Su.FailedMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Su.SucceededSuccessful su (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Su.SucceededMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Sudo.Conversation.ErrorFailed sudo with one or two times try (password) (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Sudo.Conversation.ErrorMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Sudo.FailedFailed sudo (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Sudo.FailedMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Sudo.InvalidInvalid sudo (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Sudo.InvalidMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse
Microsoft.ACS.Linux.SLES.12.Sudo.SucceededSuccessful sudo (SUSE Linux Enterprise Server 12)Microsoft.ACS.Linux.SLES.12.Sudo.SucceededMicrosoft.ACS.Linux.SLES.12.ACSEndPointEventCollectionTrueFalse