Hi

I am on a project which requires building 3 VMware virtual machines, one for each of Solaris 10, 9 and 8 (in that order).

Each VM should be configured with the Snare Agent for Solaris which should be configured for C2-level security auditing.

In addition to the VMs, it's important to construct an implementation/setup document that describes how to install and configure Snare as well as the Solaris C2 auditing (noting where it might be different per OS version).

Snare for Solaris can be used as a stand-alone auditing tool, or send data via UDP to a syslog server. For this project, it should be configured to log locally, but the documentation should clearly indicate where/how to configure it to send to a syslog server.


So how do I go about that?