Configure Privilege Management for Unix & Linux

You can use BeyondInsight to manage Privilege Management for Unix & Linux event logs. Configure BeyondInsight and Privilege Management for Unix & Linux to work together to send event logs to the BeyondInsight management console.

Requirements

  • BeyondInsight 4.5 or later
  • Privilege Management for Unix & Linux 7.5 or later

Generate a Certificate

  1. Open the BeyondInsight Configuration Tool and select Certificate Management.
  2. Select Export certificate.
  3. Select Client certificate.
  4. Enter a password for the export file and provide the destination in the Path field.
  5. Click OK to export the certificate as a PKCS#12 file (with a .pfx extension).
  6. Using BeyondTrust FIPS Object Module for OpenSSL, convert the certificate from PKCS#12 (*.pfx) to PEM (*.pem):
    openssl pkcs12 -clcerts -in <full path of pfx> -out <full path of target pem> -nodes
  7. Securely copy the certificate to the Privilege Management for Unix & Linux policy and log server hosts.
  8. In the settings file, assign the path and file name of this certificate to the keyword sslrcscertfile.

Export the BeyondInsight Server SSL Certificate

  1. Open the Windows Certificate Manager (certmgr.msc) and expand the Trusted Root Certification Authorities folder.
  2. In the details pane, select the BeyondInsight server SSL certificate from the Issued To field.
  3. The certificate name contains the host name of the BeyondInsight server and the text eEye EMS CA.

    Example:

    • RCS host name: LA-HOST-01
    • Certificate name: LA-HOST-01 eEye EMS CA
  4. From the Action menu, select All Tasks > Export.
  5. In the Certificate Export Wizard:
    • Select No when asked to export the private key, and then click Next.
    • Select the DER-encoded binary X.509 (*.CER) format, and then click Next.
    • Provide the target destination of the certificate, and then click Next.
    • Confirm the settings, and then click Finish to export the certificate.
  6. Using BeyondTrust FIPS Object Module for OpenSSL, convert the certificate from DER (*.der) to PEM (*.pem):
    openssl x509 -inform der -in <full path of der> -out <full path of target pem>
  7. Securely copy the certificate to the Privilege Management for Unix & Linux policy and log server hosts.
  8. In the settings file, assign the path and file name of this certificate to the keyword sslrcscafile.

For more information about importing certificates, please see the Privilege Management for Unix & Linux Install Guide.

Configure Keywords

If you have not already done so during installation of Privilege Management for Unix & Linux, set the following keywords in pb.settings on the policy and log server hosts:

  • rcshost
  • rcswebsvcport
  • sslrcscertfile
  • sslrcscafile
  • rcseventstorefile

For a complete list of the keywords that must be configured, please see the Privilege Management for Unix & Linux Admin Guide.