LogRhythm… am I talking about another way to remotely forward my syslog logs? Basically, yes. Their demo states
“end user behavior can be difficult to baseline and monitor”
and they claim to pretty much do just that. Anyhow, I am sharing my Python script that I wrote to check if LogRhythm is already installed on my servers and if not installed, it will install and configure it. You can get the whole script from my GitHub.
You will need to get the actual Linux or Solaris install packages from LogRhythm; my script is only to help when needing to install or check installation in a large environment.