Quick start


For a quick start, use the following procedure to get BMC Defender Agent for Unix/Linux up and running as quickly as possible on a Unix platform. You require a root-type login, and the entire installation usually takes only a few minutes to complete. You must have a single process and configuration file on the Unix platform.

To start the product quickly

  1. If you are the Unix root administrator, download the specific Unix package via a web browser directly to the target Unix platform.
    On the home screen of BMC AMI Command Center for Security and BMC Defender SIEM Correlation Server (together known as BMC Defender Server), click Download UNIX Agent Packages to view the list of supported platforms.
    The default URL for the Unix agents is http://defenderServerHost/s-doc/UNIX/.
    You can browse the complete software package list from this location and download the appropriate tar.gz file for a specific Unix platform.
  2. On the Unix platform, gunzip and untar the Unix software, creating a directory such as /opt/BMC Defender or /usr/local/BMC Defender.
    The precise location of the software installation is not important.
  3. Install the log file monitor agent: 
    1. Edit the CO-logmon.cnf file to provide a DestinationAddress value. 
    2. Start the CO-logmon process or modify the initd startup system to launch the CO-logmon program on system startup.
  4. (Optional) Install the File Integrity Monitor agent: 
    1. Edit the CO-fmon.cnf file to provide a DestinationAddress value. 
    2. (Optional) Modify the directory specifications of the file, and then start the CO-fmon process or modify the initd startup system to launch the CO-fmon process on system startup.
  5. At the main BMC Defender Server, verify whether a startup message is logged. 
  6. Edit the remote configuration of the Unix agent by using the standard BMC Defender Edit Remote function (that is, drill down on the IP address of the new device, and click Edit Remote Configuration).
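
The following script is an added example, not part of the BMC Defender distribution. It covers only the configuration edits in steps 3 and 4: it writes one validated DestinationAddress value into CO-logmon.cnf and, if present, CO-fmon.cnf. It assumes the .cnf files hold one whitespace-separated "Keyword value" directive per line; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: hypothetical helper, not shipped with the agent.
# ASSUMPTION: each .cnf line is "Keyword value", separated by whitespace.

# set_destination FILE ADDRESS: replace (or append) the DestinationAddress directive.
set_destination() {
    cnf=$1 addr=$2
    # Accept only hostname/IPv4-style characters so nothing unexpected is
    # written into a configuration file that a root-owned process reads.
    case $addr in
        ''|*[!A-Za-z0-9.-]*) echo "invalid address: $addr" >&2; return 2 ;;
    esac
    [ -f "$cnf" ] || { echo "missing config: $cnf" >&2; return 1; }
    # mktemp creates the file with mode 0600; build the new config there
    # and move it into place so a failed edit never leaves a partial file.
    tmp=$(mktemp "${cnf}.XXXXXX") || return 1
    awk -v a="$addr" '
        $1 == "DestinationAddress" { if (!done) print "DestinationAddress " a; done = 1; next }
        { print }
        END { if (!done) print "DestinationAddress " a }
    ' "$cnf" > "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$cnf"
}

# get_destination FILE: print the configured DestinationAddress value, if any.
get_destination() {
    awk '$1 == "DestinationAddress" { print $2; exit }' "$1"
}

# configure_agents DIR ADDRESS: step 3.1 always, step 4.1 only if CO-fmon.cnf exists.
configure_agents() {
    dir=$1 addr=$2
    set_destination "$dir/CO-logmon.cnf" "$addr" || return 1
    if [ -f "$dir/CO-fmon.cnf" ]; then
        set_destination "$dir/CO-fmon.cnf" "$addr" || return 1
    fi
    # Confirm the value that the log monitor agent will read on start.
    [ "$(get_destination "$dir/CO-logmon.cnf")" = "$addr" ]
}

# Usage: sh this-script.sh <install-dir> <defender-server-address>
if [ $# -eq 2 ]; then
    configure_agents "$1" "$2"
fi
```

Starting CO-logmon and CO-fmon, and confirming the startup message at the server (step 5), remain manual steps.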
