Other Axon Agent Procedures

Changing the Tripwire LogCenter Manager for an Axon Agent

This section describes the process to change the Tripwire LogCenter Manager to which an Axon AgentA system on which Tripwire Axon Agent for TLC software has been installed. sends data. The process is different based on whether the Tripwire LogCenter Manager uses a pre-shared key or PKI to secure communication with the Agent.

For more information, see:

Changing the TLC Manager for Axon Agents that Use a Pre-Shared Key

Changing the TLC Manager for Axon Agents that Use PKI

Changing the TLC Manager for Axon Agents that Use a Pre-Shared Key

To assign a different Tripwire LogCenter Manager to an Axon Agent:

1.

Complete the following steps on the new Tripwire LogCenter Manager:

a.

If needed, upgrade to the latest version of Tripwire LogCenter Manager.

b.

Configure the Axon Access PointA component of TLC ManagerTripwire LogCenter Manager is the core software in your TLC environment. TLC Manager collects and processes log messages from a wide variety of systems and devices. through which Axon Agents deliver log messages to TLC., as described in Step 1. Configuring the Axon Access Point on a Tripwire LogCenter Manager.

2.

Complete the following steps on the Axon Agent host system:

a.

Shut down the Axon Agent service by entering one of the following commands:

AIX: stopsrc -s tw-axon-agent-tlc

Linux: /sbin/service tw-axon-agent-tlc stop

Windows: net stop TripwireAxonAgentTLC

b.

Delete the following certificates.

AIX or Linux: /var/cache/tripwire-tlc/trust/keystore.p12

Windows: %PROGRAMDATA%\Tripwire\agent-tlc\data\trust\keystore.p12

c.

Open the Axon Agent configuration file (twagent.conf) in the appropriate directory.

AIX or Linux: /etc/tripwire-tlc/

Windows: %PROGRAMDATA%\Tripwire\agent-tlc\config\

d.

In the configuration file, enter the IP address or host name of the new Tripwire LogCenter Manager as the bridge.host option, and edit the other options, as needed (see Table 16).

e.

Re-create the registration_pre_shared_key.txt file, as described in Step 4. Configuring the Axon Agent.

f.

Start the Axon Agent service by entering one of the following commands at a command prompt.

AIX: startsrc -s tw-axon-agent-tlc

Linux: /sbin/service tw-axon-agent-tlc start

Windows: net start TripwireAxonAgentTLC

Changing the TLC Manager for Axon Agents that Use PKI

To assign a different Tripwire LogCenter Manager to an Axon Agent that uses PKI:

1.

Complete the following steps on the new Tripwire LogCenter Manager:

a.

If needed, upgrade to the latest version of Tripwire LogCenter Manager.

b.

Configure the Axon Access Point, as described in Step 2. Configuring the Axon Access Point on a Tripwire LogCenter Manager.

2.

Follow the process in Step 5. Creating Certificates on an Axon Agent to create new certificates and a key store on the Axon Agent system.

3.

Follow the process in Step 6. Configuring the Axon Agent to configure the hostname of the new Tripwire LogCenter Manager.