Log Synchronization

Endpoint Privilege Management for Unix and Linux supports redundant servers to allow for the continuity of the security rules in the event the policy server host becomes unavailable. In such an environment, the log file is created on the primary log server.

If the primary log server becomes unavailable, then transactions are no longer recorded on the primary log server, and the secondary server takes over to continue to log events and I/O streams.

When the network is restored, the primary policy server resumes logging to the destination system. Network administrators who want to monitor an I/O log or an event log would have to manually collect the logs from the primary and secondary servers, determine which occurred first, and finally merge and synchronize the logs.

The log synchronization feature reduces the workload for system administrators by providing automated log consolidation and merging of logs across the network using a single command.