January 13, 2006
The following sources provide information about Novell® Audit 2.0:
In this documentation, a greater-than symbol (>) is used to separate actions within a step and items in a cross-reference path.
A trademark symbol (® , TM, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party trademark
The following sections review the supported platforms for the Novell Audit components.
The Log Parser Instrumentation can harvest events from text-based log files such as Syslog, Apache error logs, and Novell® Application Launcher™ logs on all supported platforms.
The following issues have been identified for this release of Novell Audit.
If after extending the schema during the full installation, the script exits and says KILLED, rerun the pinstall.lin script, then select the Novell Audit Secure Logging Server option. When the schema extension tool (auditext) launches again, simply exit the tool without making any changes and the installation should proceed normally.
A problem has been found in the Windows Platform Agent Only install. This only affects developers installing the agent libraries for development purposes as an upgrade to the 1.0.3 product on Windows platforms. The installation program sees that versions of lcache.exe and logevent.dll are present and does not handle updating them. To work around this problem, either remove these files from the \windows\system32 directory or rename them so the new versions of these files are installed.
This product release contains a sample file (jmsSamples.jar) that can be used to verify JMS Producer-to-Consumer communications. The Java* classes in this file perform a minimal number of functionality checks. Consequently, some users might find that these minimal tests do not sufficiently test their JMS configuration in conjunction with Novell Audit.
An updated jmsSamples.jar file will be released with the Novell Audit 2.0 SDK.JMS testing procedures and a JMS Consumer design framework will also be documented in the SDK.
Currently, the help system states that Novell Audit automatically installs all required .jar files with the iManager plug-in. This is incorrect. Before you create a JDBC Channel object, you must manually copy all required JDBC* libraries (*.jar) to the following iManager class paths on your iManager server:
NetWare: sys:\tomcat\4\common\lib
Linux and Solaris: /var/opt/novell/tomcat4/common/lib
Windows: c:\program files\novell\tomcat\common\lib
Currently, the JDBC channel cannot send events to a MySQL database. However, you can still use the native MySQL channel to send events to a MySQL database.
When hosting the Novell Audit data store on a NetWare server, ensure that you have sufficient disk space on your file server to handle the amount of data that will be committed to your database. If you host the database on a NetWare volume and the volume runs out of disk space, you run the risk of ABENDing your server.
When lengine receives events from the logging system’s Platform Agents, it sends the events to its log and notification channels. If it is unable to log those events to a given channel (for example, the database is unavailable or SMTP server is down), lengine queues the events in system memory until the channel becomes available.
When lengine has queued events, it will not unload from memory until the events are written to the configured channels. If an unavailable channel comes back online, lengine processes its queued events and can be cleanly shutdown. However, if a channel is permanently unavailable, the server continues to function, but the command line is unavailable and it might not be possible to cleanly unload lengine. Consequently, you might have to power down the server or break into the debugger and exit the OS to unload lengine. If you force the server to unload lengine using one of these “non-clean” methods, data will be lost.
The following issues are working as designed. The administrator should be aware of these issues when configuring Novell Audit 2.0.
If you are using an unlicensed server and you have configured any channels other than File, MySQL*, or SMTP, the Secure Logging Server automatically unloads. There will not be a message in nproduct.log. If you do not have a licensed server and the Secure Logging Server (lengine) will not stay loaded, determine if you have any channels that require a license.
Do not attempt to send notifications to the Monitor Channel. There is no way to retrieve specific events from the Monitor; therefore, the notification event cannot be reported.
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2006 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
Novell, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.novell.com/company/legal/patents/ and one or more additional patents or pending patent applications in the U.S. and in other countries.
Novell is a registered trademark of Novell, Inc., in the United States and other countries.
SUSE is a registered trademark of SUSE AG, a Novell business.
NetWare is a registered trademark of Novell, Inc., in the United States and other countries.
eDirectory is a trademark of Novell, Inc.
Nsure is a trademark of Novell, Inc.
Novell Application Launcher is a trademark of Novell, Inc.
All third-party trademarks are the property of their respective owners.