Bigfix working for Unix servers

Unix team wants to know how Endpoint manager agent works for Unix
system, how they can control access of Agent on unix servers , right
now they have power-broker and splunk tool for Unix security for IDs.

Please suggest if IEM can be integrate with Splunk and can send logs or
manage via splunk

how we can re-direct or export all console , users and agent logs to Unix centralized host via splunk or syslog??

Unix team think its a risk having remote agent over the unix box with root access and bypass their powerbroker and any other authentication system.

The BESClient works fine on our Unix endpoints. We utilize predominantly to deliver custom content. There is a known issue with HACMP endpoints, but I’ve logged RFE #60793 requesting a fix.

I can’t speak to power-broker or splunk, but you could create custom content to pull logs back to your root BES server. There’s content in the BES Support site that leverages this functionality to pull back BES related logs for debugging. That or would be a good places to start.

Ping me next week if you want the fixlet IDs from the BES Support site as I don’t have access to the console at the moment.