You should start by reading the information in the Novell® Nsure Audit Installation Guide. This guide is located in the root folder of the Nsure Audit Installation CD.
After you are familiar with the information in the Novell Nsure Audit Installation Guide, access the Nsure Audit Administration Guide on the Web, at http://www.novell.com/documentation/lg/nsureaudit/index.html, for in-depth information on configuring and using Nsure Audit.
The Secure Logging Server supports the following platforms:
The Platform Agent supports the following platforms:
The eDirectoryTM Instrumentation supports the following versions of the Directory:
The NetWare Instrumentation supports the following versions of NetWare:
While the File driver can process over 60,000 events/second on a P4 Xeon class computer, databases by nature are slower. Tests have shown that MySQL can handle about 3,600 events per second on a P4 Xeon class computer. Performance using the JDBC Java Channel driver is significantly slower than the other database drivers.
If you expect to consistently exceed those numbers please plan your setup accordingly, either by distributing events to multiple databases or by using the file driver. Nsure Audit is designed to handle occasional peeks that exceed the limitations of whichever driver is being deployed.
IMPORTANT: Perform your own throughput test for your environment and do not rely solely on the numbers provided in this readme.
SMTP subject line currently only supports US-ASCII subjects.
If you encounter an Nsure Audit service dependency error when you attempt to shutdown eDirectory on Windows, shutdown Nsure Audit before shutting down eDirectory.
There is an issue starting the JDBC channel from a directory other than the directory containing the JDBC .jar files.
To resolve this issue, either start the Secure Logging Server from the directory containing the JDBC .jar files, or copy the JDBC .jar files to the root directory then restart the Secure Logging Server.
By default, the JDBC .jar files are located in the following directories:
On NetWare, there is an issue with directory names longer than eight characters in the path to the flat file log. If one of the directories in the default path has a name that is longer than eight characters, the File driver cannot create the directory and the Secure Logging Server fails to start.
Therefore, when configuring the flat file driver on NetWare, do not include directories longer than eight characters in the Log File Location parameter.
During installation, if the letrans executable is installed without the letrans.cfg configuration file, you must extract the configuration file from the letrans.zip file, which is located in the add_ons folder of the Nsure Audit Installation CD.
If you encounter a defunct lcache process when running the edirectory instrumentation, you must start lcache before starting up the edirectory instrumentation.
Any NetWare server that will report eDirectory events must be updated with NICI 2.6.5, or later. This update is available at download.novell.com.
If a Platform Agent has an invalid certificate, and a short reconnect interval is set, these frequent failed attempts to connect might cause a memory leak in the Secure Logging Server, due to a limitation in the SSL libraries used to establish this connection.
To avoid this memory leak, ensure that your clients have the proper certificates and increase the retry interval for your Platform Agents. This memory leak will not occur if the Platform Agent can establish a connection.
On Solaris, when loading the MySQL driver, you might encounter the following error message:
# MDBDriver 'mdbds.so', successfully loaded
Nsure Audit: Logging Mode: Using internal certificate
ld.so.1: /opt/NOVLnaudit/lengine: fatal: LGDMSQLProcessSysEvent: can't find symbol. Instead of the "LGDMSQLProcessSysEvent: can't find symbol, the LGDFILEProcessSysEvent: can't find symbol could be listed.
This error can be ignored, as it does not prevent Lengine from loading and does not affect the functionality of Nsure Audit.
AuditNW must be loaded after any anti-virus product, or the server might appear to stall and have to be reset.
You might receive an error message regarding an unresolved public symbol, dhost_SecondsUp, during installation, or when starting WebAdmin or lengine. This unresolved symbol error can be ignored, as it does not affect the functionality of Nsure Audit.
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
You may not export or re-export this product in violation of any applicable laws or regulations including, without limitation, U.S. export regulations or the laws of the country in which you reside.
Copyright © 2003-2005 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
Novell is a registered trademark of Novell, Inc. in the United States and other countries.
NetWare is a registered trademark of Novell, Inc. in the United States and other countries.
eDirectory is a registered trademark of Novell, Inc.
Nsure is a trademark of Novell, Inc.
All third-party trademarks are the property of their respective owners.