We are in the process of attempting to roll out Server Sensor in our Unix (Solaris 2.8) environment. My question concerns the BSM (Basic Security Module) which is included in Solaris and is used to create the security logs so that Server Sensor can be used to flag curious activity (much like the Windows version does).
Currently, we do not have the BSM enabled (there are other tools that are used). In performing some testing with several of the options turned on in a lab environment, it is evident that the log file(s) can become very large, very fast. In our environment where our web servers see large volumes of traffic this could be a big problem. I'd be curious to know if/how people are using the BSM in conjunction with Server Sensor on Solaris. I'm looking for ideal configurations of it. I'd also like to hear if there are people out there who do not have the BSM enabled and just look at Web traffic. MW __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/ _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
