BeyondInsight Event Logging
The BeyondTrustBeyondInsight product enables you to capture and report on privilege and vulnerability data across the entire IT stack (server, desktop, cloud, mobile, and virtualized environments).
Starting with version 7.5, Endpoint Privilege Management for Unix and Linux can send information about certain events to BeyondInsight for logging and reporting purposes.
The settings in this section enable and configure the sending of event information to BeyondInsight.
For more information, see BeyondInsight Event and I/O Logging Common Settings.
rcshost
- Version 7.1 and earlier: rcshost setting not available.
- Version 7.5 and later: rcshost setting available.
The hostname of the Windows machine where BeyondInsight is installed. This keyword does not support the Endpoint Privilege Management for Unix and Linux extended settings such as interface.
rcshost W7-RETINACS-01
Default
No default value
Used On
- Policy server hosts
- Log hosts
rcswebsvcport
- Version 7.1 and earlier: rcswebsvcport setting not available.
- Version 7.5 and later: rcswebsvcport setting available.
The port number used to communicate with BeyondInsight Web Services on rcshost.
rcswebsvcport 443
Default
rcswebsvcport 443
Used On
- Policy server hosts
- Log hosts
rcsworkgroup
- Version 7.5 and earlier: rcsworkgroup setting not available.
- Version 8.0 and later: rcsworkgroup setting available.
A label which helps BeyondInsight identify and sort data sent from Endpoint Privilege Management for Unix and Linux.
rcsworkgroup PMULMasterBeyondTrustWorkgroup
Default
rcsworkgroup "BeyondTrust Workgroup"
Used On
Policy server hosts
sslrcscertfile
- Version 7.1 and earlier: sslrcscertfile setting not available.
- Version 7.5 and later: sslrcscertfile setting available.
BeyondInsight Client Certificate File in PEM format. Used to authenticate Endpoint Privilege Management to BeyondInsight when sending event log records.
sslrcscertfile /etc/retinacs-01_eEyeEmsClient.pem
Default
No default value
Used On
- Policy server hosts
- Log hosts
sslrcscafile
- Version 7.1 and earlier: sslrcscafile setting not available.
- Version 7.5 and later: sslrcscafile setting available.
BeyondInsight server-bound Certificate Authority File in PEM format. Used to authenticate the BeyondInsight when sending event log records.
sslrcscafile /etc/retinacs-01_eEyeEmsCA.pem
Default
No default value
Used On
- Policy server hosts
- Log hosts