12.8 Enabling Audit Events for the User Application

The following procedure allows User Application events to be logged to Novell Audit or to Sentinel.

  1. Select Gnome Terminal from the Computer menu.

  2. Enter ls /opt/novell/idm/NAuditPA.jar to verify the NAuditPA.jar exists in the /opt/novell/idm/ directory.

  3. Log in as root by entering su, then enter the root password.

  4. Enter gedit /etc/logevent.conf to edit the audit configuration file.

  5. At the end of the file, add the following lines:

    • LogJavaClass=/opt/novell/idm/NAuditPA.jar

    • LogCacheDir=/opt/novell/idm/naudit/cache

    • LogCachePort=1233

    • LogMaxBigData=8192

  6. Select File > Save to save the changes, then select File > Quit to exit.

  7. Enter /etc/init.d/novell-naudit restart to restart Novell Audit to pick up the changes to the logevent.conf file.

  8. Log into the User Application portal (https://172.17.2.117:8444/IDMProv) as the portal administrator (cn=padmin,dc=admins,dc=system password n0v3ll).

  9. Click the Administration tab.

  10. Select Portal Configuration > Logging in the menu on the left.

  11. Select the following two options:

    • Also send logging messages to Novell Audit

    • Persist the logging changes

  12. Click Submit to save the changes.

  13. Exit the User Application portal Web page.

  14. Restart the User Application by entering the following in the Gnome Terminal:

    /etc/init.d/userapp restart

  15. Enter exit twice to log out as root and to close the Gnome Terminal.