Novell Documentation: Novell Audit 2.0 - Application Object Attributes

5.3 Application Object Attributes

Application objects store the information required by the logging server to authenticate logging applications. They also identify which users have rights to monitor the application’s events and they store the application’s log schema.

The following table provides a description of each Application object attribute.

IMPORTANT:You must restart the logging server to effect any changes in Application object configuration. For more information, see Section H.3, Secure Logging Server Startup Commands.

Table 5-1 Application Object Attributes

Attribute	Description
Application Identifier	The name the logging application uses to identify itself to the logging server. The Application Identifier is also stored in the application’s certificate. For information on how the Application Identifier is used in the authentication process, see Section 9.1, Authenticating Logging Applications. The Application Identifier is part of the Component string for every event logged from the current application. For more information, see Section A.1, Event Structure. This field is automatically populated when the Application object is created during install. If you manually create the Application object, you can find the Application Identifier in the application’s Log Schema file. For more information, see Section A.4, Log Schema Files.
Application ID	The four-digit hex value assigned to the current application. All Application IDs are assigned through Novell Developer Support and are maintained in the Novell Audit central registry. The Application ID is also part of the Event ID for every event logged from the current application. For more information, see Section A.1, Event Structure. This field is automatically populated when the Application object is created during install. If you manually create the Application object, you can find the Application ID in the application’s Log Schema file. For more information, see Section A.4, Log Schema Files NOTE:The logging server uses the Application ID to manage Access Control. The users designated in the Access Control field can monitor all events containing this Application ID.
Events	The Events page displays the events listed in each application’s log schema file. For more information, see Section A.4, Log Schema Files. In some instances, related events are organized into logical groups also defined in the application’s log schema file. In addition to listing the logging application’s events, the Events page allows you to select which events you want the Platform Agent to log for the current logging application. This is different from previous versions of Nsure™ Audit because the event filtering occurs at the Platform Agent rather than the Secure Logging Server. In previous versions of Nsure Audit, all event filtering took place at the Secure Logging Server. That is, Notification filters were configured and implemented on the Secure Logging Server. Platform Agents, on the other hand, did not have any filtering mechanism. They sent all logged events to the Secure Logging Server. The advantage of filtering events at the Platform Agent rather than the Secure Logging Server is that it minimizes traffic between the Platform Agent and the Secure Logging Server, it reduces the load the on the Secure Logging Server, and it conserves disk space in the central data store. To configure the Events page: Select the events you want the Platform Agent to log for the current logging application. Select Allowed checked events to be logged. Click Apply, then click OK.
Instrumentation	(Conditional) The configuration fields for certain applications. This page is not used for all the applications. For an example of this page, see Section 5.4.5, Log Parser Instrumentation.
Access Control	The users who have rights to monitor the current application’s events. Use one of the following methods to select the users. Click the arrows to select users who have already been granted rights to other applications’ events. Click the Object Selector button to select User objects in the directory tree. Click the Object History button to select User objects from a list of objects selected during this iManager session.
Status	This option allows you to enable or disable the Application object. By default, all Application objects are enabled. This means that the logging server loads the Application object’s configuration in memory at startup. IMPORTANT:The Application object must be located in a supported Application container for the logging server to use it. For more information on the logging server’s Application Container property, see Logging Server Object Attributes . If you select the Disabled option, you must restart the Secure Logging Server for the setting to become effective. Thereafter, the logging server cannot load the object’s configuration until you select Enabled. For information on unloading the logging server, see Section H.3, Secure Logging Server Startup Commands.