5.2 Creating Application Objects

Typically, Application objects are automatically created in the Application container under Logging Services when their associated logging application is installed.

For example, during installation, Novell Audit automatically creates Application objects for itself (the Naudit Instrumentation), the eDirectory Instrumentation, and the NetWare® Instrumentation. Novell Audit creates these objects in the Application container under Logging Services.

NOTE:The Naudit Instrumentation allows Novell Audit to audit its own events, such as creating Channel or Notification objects. The eDirectory Instrumentation manages logging of eDirectory events, and the NetWare Instrumentation (NetWare only) provides logging for NetWare and file system events. For more information on the eDirectory and NetWare instrumentations, see Section 5.4.2, NetWare and File System Instrumentations and Section 5.4.1, eDirectory Instrumentation.

If necessary, you can manually create Application objects using iManager. To create an Application object:

  1. Click the Roles and Tasks button iManager Tasks and Roles Button on the iManager toolbar.

  2. In the Roles and Tasks view, expand the Auditing and Logging Role and select the Logging Server Options task.

  3. Select the Secure Logging Server object and click OK.

    • Click the Object History button iManager Object History Button to see a list of Logging Server objects that have been selected during this iManager session.

      or

    • Click the Object Selector button iManager Object Selector button to locate the object in the directory tree. To move up or down in the tree, click the navigation arrows. You can also search the tree by specifying the object name and context in the Search tab.

  4. In the Logging Server Options page, click Log Applications.

  5. Select the Applications container and click Application Actions > New.

  6. Specify the following information:

    Application Object Attribute

    Description

    Log Application Name

    The name the logging application uses to identify itself to the logging server.

    The Application Identifier should be available in the product’s documentation and it is included in the product’s Log Schema file.

    For more information, see Section 5.3, Application Object Attributes.

    Log Schema File

    Log Schema (LSC) files catalog the events that can be logged for a given application. They also provide event descriptions and field titles, although this is optional.

    Novell Audit stores each application’s LSC files as attributes in its respective Application object. English LSC files are stored under the NAuditAppSchemaEn attribute, French LSC files are stored under the NAuditAppSchemaFr attribute, and so forth.

    NOTE:If you modify or localize an application’s LSC file, you must manually add the LSC file to the Application object’s log schema attribute by running the AuditExt utility at the server console. For information on manually adding LSC files to Application objects, see Using AuditExt to Add LSC Files to Application Objects.

  7. Click OK.

Application Containers

You must create Application objects in Application containers. The Application container under Logging Services is automatically created during installation; however, additional Application containers can be created anywhere in the tree.

Creating Application objects in the central Application container under Logging Services is ideal for organizations that need a simple, easy-to-manage logging system. It also suits organizations that are implementing Novell Audit as an auditing solution and, for security reasons, want to centrally manage their system.

If you want to distribute logging system administration, Application objects can be created anywhere in the tree. For example, if administration is divided by logging server, you can create an Application container under each Logging Server object. On the other hand, if administration is divided by application (for example, one person manages logging for iChain®, another Identity Manager logging, etc.), the Application container can be created in any context assigned to its administrator.

If you create an Application container elsewhere in the tree, you must add that container to the logging server’s list of supported containers. At startup, the logging server scans its list of supported Application containers and loads the included Application object configurations in memory so it can authenticate applications. If an Application object is not in one of the logging server’s supported Application containers, it cannot be used to authenticate logging applications. For more information on the logging server’s Application Container property, see Logging Server Object Attributes . For more information on creating channel containers, see Section 3.4.1, Creating Objects in iManager.

IMPORTANT:The logging server loads the Application object configurations at startup only. Therefore, if you create a new Application container or Application object, you must first ensure that the Application container is included in the logging server’s Application Container list and then restart the logging server. For information on restarting the logging server, see Section H.3, Secure Logging Server Startup Commands.