15.7 Enabling Identity Server Audit Events

All user and administrator actions can be logged to Novell Audit. You can generate a Novell Audit logging event to indicate whether authentications are successful or unsuccessful. The following steps assume that you have already set up Novell Audit on your network. For more information, see Enabling Auditing in the NetIQ Access Manager 3.1 SP5 Administration Console Guide.

  1. In the Administration Console, click Devices > Identity Server > Servers > Edit > Logging.

  2. In the Novell Audit Logging section, select Enabled.

  3. Select the events for notification.

    Select All: Select this option for all events. Otherwise, select one or more of the following:

    Event

    Description

    Login Provided

    Generated when an identity provider sends authentication to a service provider. Role assignment audit events are included in authentication audit events for the Identity Server.

    Login Provided Failure

    Generated when an identity provider attempts to send authentication to a service provider but fails.

    Login Consumed

    Generated when a user is authenticated either locally or by an external identity provider. Role assignment audit events are included in authentication audit events for the Identity Server.

    Login Consumed Failure

    Generated when the Identity Server initiates authentication, but the process fails.

    Logout Provided

    Generated when an identity provider sends a logout request to a service provider that it has authenticated.

    Logout Local

    Generated when the Identity Server receives a logout command from the user.

    Federation Request Sent

    Generated when a service provider attempts to federate with an identity provider.

    Federation Request Handled

    Generated by the Identity Server when processing a request for federation.

    Defederation Request Sent

    Generated by the identity provider when a request for defederation is sent to another provider.

    Defederation Request Handled

    Generated when the Identity Server processes a request for defederation.

    Register Name Request Handled

    Generated when the Identity Server processes a request for changing a name identifier.

    Attribute Query Request Handled

    Generated by the Identity Server when processing an attribute request from a service provider.

    Web Service Query Handled

    Generated when a Web service query request is sent to an identity provider.

    Web Service Modify Handled

    Generated when Web service modify request is sent to an identity provider.

    User Account Provisioned

    Generated by the Identity Server when functioning as an identity consumer and when an account has been provisioned.

    User Account Provisioned Failure

    Generated by the Identity Server when functioning as an identity consumer and when account provisioning has failed.

    LDAP Connection Lost

    Generated when the LDAP connection is lost.

    LDAP Connection Reestablished

    Generated when the LDAP connection is reestablished.

    Server Started

    Generated when the server gets a start command from the server communications module.

    Server Stopped

    Generated when the server gets a stop command from the server communications module.

    Server Refreshed

    Generated when the server gets a refresh command from the server communications module.

    Intruder Lockout Detected

    Generated when an attempt to log in as a particular user with an invalid password has occurred more times than is allowed by the directory.

    Component Log Severe Messages

    Logged for all component messages with level of Severe.

    Component Log Warning Messages

    Logged for all component messages with level of Warning.

    Brokering Across Groups Denied

    Brokering authentication request denied to a target service provider. The brokering group consists of either the Identity Provider or target Service Provider, but both does not belong to the same group.

    Brokering Rule Evaluated to Deny

    Brokering authentication request denied to a target service provider due to broker policy evaluation resulted in denying.

    Brokering Handled

    The total number of brokering authentication requests handled by the Identity Server when it started.

  4. Click Apply, then OK.

  5. Click Servers > Update Servers.

    Restart the Novell Audit server.