What's New in Audit 2.0
Novell Cool Solutions: Feature
Digg This -
Posted: 31 Aug 2005
History and Background
Novell Audit 1.0
The Novell Audit 1.0 product shipped in 2003. It provided a replacement for Auditcon and NAAS, as well as a logging foundation for Novell products such as Identity Manager, iChain, BorderManager, and eDirectory. Versions 1.0.1 ? 1.0.3 improved stability and fault tolerance, standardized event format, and added new channels.
Novell Audit 2.0
The new name reflects the goal of the product ? consistent auditing across Novell's complete product line. Version 2.0 provides better management and monitoring of connected systems. With 2.0, auditing is extended to non-Novell applications as well.
Here are some of the new features available in Audit 2.0.
Windows Event Collector
The Windows Event Collector runs as a service on Windows 2000/XP/2003. It retrieves events from the various Windows Event Logs, such as:
- Application log
- Security log
- System log
- Directory service log
- File Replication service log
- DNS server log
Windows events are sent to the Secure Log Server for processing by Novell Audit.
Log File Parser
The Log File Parser enables consumption of existing text logs without the need to instrument the application. It parses the log file and formats the data into a Novell Audit event structure, and it has a configurable file polling interval. Its simple user interface enables quick integration of new file formats into Novell Audit, including:
- Apache Error Logs
- Zen Application Launcher Logs
New Notification Channels
The new notification channels in Audit 2.0 are JMS and Telephony. The JMS Channel sends a formatted event to a Java Message Service provider. The Telephony Channel enables a computer-generated voice message to be sent to a specific phone number.
With Audit 2.0, monitoring is now iManager-based. Real-time server statistics are used, such as:
- Memory used
- Time running
- Total connections, events received
Connection statistics are available, such as:
- Clients connected
- Applications/events for each client
You can also drill down and create queries for specific event data.
The Server Monitoring screen is shown below:
The Connections Monitoring screen is shown below:
The Applications Monitoring screen is shown below:
The Events Monitoring screen is shown below:
There is also improved Event Filtering in Audit 2.0, which is now Platform Agent-based. Formerly, all event filtering had to be done by the application sending the events. Now, it is based on event type; it is configured on the server and pushed down to the clients.
Future Product Direction
Auditing is a critical component of Novell's long-term strategy. In the future, more internal and third-party applications will be connected to Novell Audit. Future releases will focus more directly on solving compliance problems, such as:
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com