Novell Home

What's New in Audit 2.0

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 31 Aug 2005
 

History and Background

Novell Audit 1.0

The Novell Audit 1.0 product shipped in 2003. It provided a replacement for Auditcon and NAAS, as well as a logging foundation for Novell products such as Identity Manager, iChain, BorderManager, and eDirectory. Versions 1.0.1 ? 1.0.3 improved stability and fault tolerance, standardized event format, and added new channels.

Novell Audit 2.0

The new name reflects the goal of the product ? consistent auditing across Novell's complete product line. Version 2.0 provides better management and monitoring of connected systems. With 2.0, auditing is extended to non-Novell applications as well.

New Features

Here are some of the new features available in Audit 2.0.

Windows Event Collector

The Windows Event Collector runs as a service on Windows 2000/XP/2003. It retrieves events from the various Windows Event Logs, such as:

  • Application log
  • Security log
  • System log
  • Directory service log
  • File Replication service log
  • DNS server log

Windows events are sent to the Secure Log Server for processing by Novell Audit.

Log File Parser

The Log File Parser enables consumption of existing text logs without the need to instrument the application. It parses the log file and formats the data into a Novell Audit event structure, and it has a configurable file polling interval. Its simple user interface enables quick integration of new file formats into Novell Audit, including:

  • Syslog
  • Apache Error Logs
  • Zen Application Launcher Logs

New Notification Channels

The new notification channels in Audit 2.0 are JMS and Telephony. The JMS Channel sends a formatted event to a Java Message Service provider. The Telephony Channel enables a computer-generated voice message to be sent to a specific phone number.

Product Enhancements

With Audit 2.0, monitoring is now iManager-based. Real-time server statistics are used, such as:

  • Memory used
  • Time running
  • Total connections, events received

Connection statistics are available, such as:

  • Clients connected
  • Applications/events for each client

You can also drill down and create queries for specific event data.

The Server Monitoring screen is shown below:

The Connections Monitoring screen is shown below:

The Applications Monitoring screen is shown below:

The Events Monitoring screen is shown below:

There is also improved Event Filtering in Audit 2.0, which is now Platform Agent-based. Formerly, all event filtering had to be done by the application sending the events. Now, it is based on event type; it is configured on the server and pushed down to the clients.

Future Product Direction

Auditing is a critical component of Novell's long-term strategy. In the future, more internal and third-party applications will be connected to Novell Audit. Future releases will focus more directly on solving compliance problems, such as:

  • Sarbanes-Oxley
  • HIPAA
  • Graham-Leach-Bliley


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell