The Remote Management Auditing mechanism allows you to store information about the Remote Management sessions running on the managed workstations as log files.
The Remote Management Audit session is launched automatically as soon as the management console initiates a Remote Management session with the managed workstation.
The Remote Management sessions are logged as audit records. The managed workstation where the Remote Management Agent is installed logs the audit records into the auditlog.txt file. The auditlog.txt file is created and updated only when there are no Remote Management sessions in progress. The audit session information is recorded from the fourth line in the auditlog.txt file. You can find the auditlog.txt file in the system directory of the managed workstation:
The following table explains the information stored by each event during a Remote Management session:
Table 70-10 Information Stored by Events During a Remote Management Session
|
Parameter |
Description |
|---|---|
|
Start Time |
Start time of the event occurrence. |
|
Duration |
Duration of the Remote Management session. |
|
Console DN |
Distinguished name of the workstation that the remote operator uses to remote access the managed workstation. |
|
Console user DN |
Distinguished name of the remote operator. |
|
Operation Code |
The various operations that a management console user can perform on the managed workstation are:
|
|
Operation Status |
The status of the event indicates if the particular event was a success or failure. 1 indicates that the Remote Management operation was successful and 0 indicates that the Remote Management operation was unsuccessful. |
A sample entry is as follows:
1005572546000 1000 rajwin2ktestpc admin.novell 1 0
All the parameters in an audit record are separated by spaces. Each record is logged in a new line. The auditlog.txt file can store a maximum of one hundred records and is saved in the system directory.
You can store the audit records of all the managed workstations in a database in a centralized location. To store the auditlog.txt files in a database, you must install the Workstation Inventory Agent on every managed workstation. For information on installing the Workstation Inventory Agent, see the Novell ZENworks 7 Desktop Management Installation Guide.
The Inventory Scanner collects the audit records and stores them as scan data files in the scan directory at the Inventory server. The Inventory Storer stores the files in the Inventory database.
NOTE:If the Inventory Server rolls up scan data across servers, the audit records are not rolled up after the data stored for the first time.
You can configure the number of audit records per workstation that can be stored in the Inventory database using the RM Audit property page.
To configure the RM Audit property page:
In ConsoleOne, right-click the Inventory database object, then click .
Click the tab.
Specify the maximum number of records per workstation that can be stored in the Inventory database.
Specify the life span of the audit records.
If the Inventory database has enough space to store new records, the audit records are not deleted from the auditlog.txt file even after their expiry time. But if the Inventory database doesn’t have enough space to store new records, the oldest audit records are deleted even before their expiry time.