Linux OS

Version: Red Hat/CentOS version 7.0 and later, Ubuntu 18.0 and later, Oracle Linux 7.0 and later, and Amazon Linux version 2.

Linux is a family of open-source Unix-like operating systems based on the Linux kernel. An operating system is the software that manages all the hardware resources of a desktop, laptop or server.

The Netsurion Open XDR platform integrates with Linux to collect logs from it and to create detailed reports, alerts, dashboards, and saved searches. These help the user view or receive critical and relevant information concerning security, operations, and compliance.

Once Linux is configured to deliver events to the Netsurion Open XDR platform, alerts, dashboards and reports can be configured in the platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type | Name | Description
--- | --- | ---
Security | Linux - A user or group has been deleted | This alert is triggered when a user or a group is removed or deleted from the Linux system.
Security | Linux - A user password has been changed or modified | This alert is triggered when the password of any user is changed.
Security | Linux - Console login failed | This alert is triggered when a user fails to log in to the Linux system.
Security | Linux - Sudoers configuration file has been changed or modified | This alert is triggered when someone tries to change or modify the sudoers configuration file.
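As an added illustration of the four alert conditions above, the following Python snippet matches lines in the style of the Linux authentication log (/var/log/secure or /var/log/auth.log) against each condition. It is example code written for this page, not Netsurion's own detection logic; the sample log lines, host name and user names are constructed, and the patterns are assumptions about common syslog formatting rather than the platform's rules.

```python
import re
from typing import List, Optional, Tuple

# Constructed sample lines in the style of /var/log/secure (RHEL/CentOS) or
# /var/log/auth.log (Ubuntu). Host, PIDs and user names are made up.
SAMPLE_LOG = """\
Mar  3 10:01:12 host1 userdel[2211]: delete user 'contractor'
Mar  3 10:02:40 host1 groupdel[2230]: group 'legacy' removed
Mar  3 10:05:03 host1 passwd[2301]: pam_unix(passwd:chauthtok): password changed for alice
Mar  3 10:07:55 host1 login[2350]: FAILED LOGIN 1 FROM tty1 FOR bob, Authentication failure
Mar  3 10:09:18 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/sbin/visudo
Mar  3 10:10:00 host1 sshd[2400]: Accepted publickey for alice from 10.0.0.5 port 50122 ssh2
"""

# One rule per alert in the table above: (alert name, pattern). The patterns are
# assumptions about typical syslog wording, not the product's own definitions.
RULES = [
    ("Linux - A user or group has been deleted",
     re.compile(r"\b(userdel|groupdel)\[\d+\]:")),
    ("Linux - A user password has been changed or modified",
     re.compile(r"\bpasswd\[\d+\]:.*password changed for (?P<user>\S+)")),
    ("Linux - Console login failed",
     re.compile(r"\blogin\[\d+\]: FAILED LOGIN .* FOR (?P<user>\S+),")),
    ("Linux - Sudoers configuration file has been changed or modified",
     # visudo, or any sudo-run command whose arguments name /etc/sudoers
     re.compile(r"\bsudo:.*COMMAND=.*(?:visudo|/etc/sudoers)")),
]


def classify(line: str) -> Optional[str]:
    """Return the name of the alert a log line would trigger, or None if none applies."""
    for name, pattern in RULES:
        if pattern.search(line):
            return name
    return None


def detect(log_text: str) -> List[Tuple[str, str]]:
    """Run every rule over every line and return (alert name, matching line) pairs."""
    hits = []
    for line in log_text.splitlines():
        name = classify(line)
        if name:
            hits.append((name, line))
    return hits


if __name__ == "__main__":
    for name, line in detect(SAMPLE_LOG):
        print(f"ALERT [{name}] <- {line}")
```

The successful SSH login in the sample matches none of the four conditions and is left out of the results.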

Reports

Type | Name | Description
--- | --- | ---
Security | Linux - Console login failed | This report contains a detailed overview of events associated with failed logins by users into the Linux system. This includes the current user, parent user, event datetime, terminal, and operation status.
Operations | Linux - User command execution activities | This report contains a detailed overview of commands executed in a user shell. This includes the executed command, shell user, parent user, log datetime, and operation status.
Operations | Linux - Console login and logout activities | This report contains a detailed overview of user login and logout activities. This includes the shell user, parent user, log datetime, and operation status.
Operations | Linux - Mount and Unmount activities | This report contains a detailed overview of device/drive mount or unmount activities on the Linux system. This includes the shell user, parent user, log datetime, and operation status.
Operations | Linux - Root Shell Command Execution activities | This report contains a detailed overview of commands executed in a root shell. This includes the executed command, shell user, parent user, log datetime, and operation status.
Operations | Linux - Sudo commands execution activities | This report contains a detailed overview of commands executed with elevated user privilege, i.e. via 'sudo'. This includes the executed command, shell user, parent user, and log datetime.
Operations | Linux - File Monitoring | This report contains a detailed overview of activities associated with file monitoring, such as file read, file delete, file create, etc. This includes the username, event datetime, file path, file name, status, etc.
Compliance | Linux - User Management | This report contains a detailed overview of user management activities performed by any user, such as user add, user delete, user password change, etc. This includes the shell user, parent user, log datetime, and operation status.
Compliance | Linux - Group Management | This report contains a detailed overview of group management activities performed by any user, such as group add, group delete, etc. This includes the shell user, parent user, log datetime, and operation status.
Compliance | Linux - Package Management | This report contains a detailed overview of activities related to software/package install, remove, or update. This includes the shell user, parent user, log datetime, application/package name, and operation status.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.3 or later, and with Red Hat/CentOS version 7.0 and later, Ubuntu 18.0 and later, Oracle Linux 7.0 and later, and Amazon Linux version 2.

Download the Integration Guide and How-to Guide for more information and for configuration instructions.