FortiSIEM Discussions
Waloo5
New Contributor III

Help about IBM AIX server 6.1 and FortiSIEM

Hi All,

I have to integrate an AIX server into my FortiSIEM (Syslog and SNMP v3), but I'm not able to do that.

 

Syslog:

 

I have added to /etc/syslog.conf the line: ( *.* @@<SIEM_IP> ) or ( *.info @<SIEM_IP> )

##refresh -s syslogd

 

SNMP:

 

For SNMP I have this in /etc/snmpvd3.config:

 

VACM_GROUP group1 SNMPv1 Pass -

VACM_VIEW defaultView internet - included -
VACM_VIEW defaultView 1.3.6.1.4.1.2.2.1.1.1.0 - included -
VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191.1.6 - included -

# exclude snmpv3 related MIBs from the default view
VACM_VIEW defaultView snmpModules - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5 - included -

# exclude aixmibd managed MIBs from the default view
VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -


VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.3 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.6 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.4 - included -

VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.3 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.6 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.7 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.8 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.9 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.10 - included -

VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.7 - included -

VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.2 - included -

 

VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -

NOTIFY notify1 traptag trap -

TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - -

TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 ABB noAuthNoPriv -

COMMUNITY Pass Pass noAuthNoPriv 172.30.40.40 255.255.255.255 -

DEFAULT_SECURITY no-access - -

logging file=/usr/tmp/snmpdv3.log enabled
logging size=100000 level=0

smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated
VACM_GROUP director_group SNMPv2c Pass -
VACM_ACCESS director_group - - noAuthNoPriv SNMPv2c defaultView - defaultView -

 

Can someone help, please?

 

 

Amir
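
The configuration posted above defines only SNMPv1/SNMPv2c community access at noAuthNoPriv and contains no USM_USER entry, which is the entry type an SNMPv3 user is defined with in this file format. The following audit script is an added example, not part of the original post or any Fortinet/IBM tooling; it assumes the field order visible in the posted lines, and the `USM_USER` keyword and `USM` security-model name from IBM's documented snmpdv3.conf format.

```python
# Added example: audit AIX snmpdv3.conf-style lines for SNMPv3 (USM) coverage.
# SAMPLE is a constructed excerpt using entries of the kind posted above.
SAMPLE = """\
VACM_GROUP group1 SNMPv1 Pass -
VACM_VIEW defaultView internet - included -
VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 ABB noAuthNoPriv -
COMMUNITY Pass Pass noAuthNoPriv 172.30.40.40 255.255.255.255 -
DEFAULT_SECURITY no-access - -
logging file=/usr/tmp/snmpdv3.log enabled
smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated
VACM_GROUP director_group SNMPv2c Pass -
VACM_ACCESS director_group - - noAuthNoPriv SNMPv2c defaultView - defaultView -
"""

def parse(text):
    """Yield (line_no, keyword, fields) for each non-comment entry."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if line:
            kw, *fields = line.split()
            yield no, kw.upper(), fields

def audit(text):
    """Return (line_no, message) findings; line 0 means file-level."""
    findings, usm_users, usm_groups, usm_access = [], set(), set(), set()
    for no, kw, f in parse(text):
        if kw == "USM_USER" and f:
            usm_users.add(f[0])
        elif kw == "VACM_GROUP" and len(f) >= 3:
            if f[1].upper() == "USM":  # group bound to the SNMPv3 model
                usm_groups.add(f[0])
        elif kw == "VACM_ACCESS" and len(f) >= 5:
            level, model = f[3], f[4]
            if model.upper() == "USM":
                usm_access.add(f[0])
            if level.lower() == "noauthnopriv":
                findings.append((no, f"group {f[0]} allows {model} with noAuthNoPriv"))
        elif kw == "COMMUNITY" and len(f) >= 5:
            findings.append((no, f"community string accepted from {f[3]}/{f[4]}"))
    if not usm_users:
        findings.append((0, "no USM_USER entry: no SNMPv3 user is defined"))
    elif not (usm_groups & usm_access):
        findings.append((0, "USM users exist but no USM group has a VACM_ACCESS entry"))
    return findings
```
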
Waloo5
New Contributor III

Hi all,

For Syslog I have resolved the issue.

I added to /etc/syslog.conf the line: ( *.* @@<SIEM_NAME> ) or ( *.info @<SIEM_NAME> )

and added to /etc/hosts the line ( SIEM_IP  SIEM_NAME)

 

 

Any help for SNMP v3?

Amir
kcanalichio
New Contributor III

It's a bit outdated, but I think you should be able to find the missing information in this article:

https://thwack.solarwinds.com/products/network-performance-monitor-npm/f/forum/25204/configuring-snm...

Waloo5
New Contributor III

Thank you @kcanalichio I will try it 

Amir