To log to an Novell Audit server, follow these steps:
Step |
What to do |
For more information |
---|---|---|
1 |
Add the Identity Manager application schema to the Novell Audit server as a log application |
|
2 |
Configure the Novell Audit platform agent on your application server |
The Platform Agent is required on any client that reports events to Novell Audit. You configure the platform agent through the logevent configuration file. This file provides the configuration information that the platform agent needs to communicate with the Novell Audit server. The default location for this file, on the application server, is:
Make sure to specify the IP address or DNS name of your Novell Audit server in the LogHost setting. For example: LogHost=xxx.xxx.xxx.xxx Specify any other settings needed for your environment. IMPORTANT:After you create or modify the logevent configuration file, you must restart the JBoss application server before those changes will take effect. For more information about the structure of the logevent configuration file, see the section on configuring platform agents in the chapter on the logging system in the Novell Audit Administration Guide. |
3 |
Enable Novell Audit logging |
To configure Audit to use the Identity Manager user application as a log application, follow these steps:
Locate the following file:
DirXML.lsc
Use a Web browser to access iManager, and log in as an administrator.
Go to Roles and Tasks> Auditing and Logging and select Logging Server Options.
Browse to the Logging Services container in your tree and select the appropriate Audit Secure Logging Server. Then click OK.
Go to the Log Applications tab, then select the appropriate Container Name, and click the New Log Application link.
When the New Log Application dialog displays, specify the following:
For this setting |
Do this |
---|---|
Log Application Name |
Type any name that is meaningful for your environment |
Import LSC File |
Use the Browse button to select the DirXML.lsc file |
Then click OK. The Log Applications tab displays the added application name.
Click OK to complete your Novell Audit server configuration.
Make sure the status on the Log Application is set to ON. (The circle under the status should be green. If it is red, click it to switch it to ON.)
Restart the Novell Audit server to activate the new log application settings.
To enable Novell Audit logging in your Identity Manager user application
Log in to the user application as the admin user.
Select the Administration tab.
Select the Logging tab.
Check the Also send logging messages to Audit check box (near the bottom of the tab).
To persist the changes for any subsequent application server restarts, make sure Persist the logging changes is selected.
The Identity Manager user application logs a set of events automatically from workflow, search, detail, and password requests. By default, the Identity Manager user application automatically logs the following events to all active logging channels:
If you log events to the Novell Audit database channel, you can run reports on the data. There are several ways to generate reports against data logged to a Novell Audit database:
Use the Novell Audit Report application to run your own reports or to run the predefined reports described in Predefined log reports below.
Write queries against the logged data using iManager to select Auditing and Logging>Queries.
Write your own SQL queries against the logged data.
The default Novell Audit table is called NAUDITLOG.
The following predefined log reports are created in Crystal Reports (.rpt) format for filtering data logged to the Novell Audit database:
Sample report This is an example of the Specific User Audit Trail report:
Report file location The report files are located:
You can use these reports as templates for creating custom reports in the Crystal Reports Designer or you can run the reports using Audit Report (lreport.exe), a Windows program supplied with Novell Audit. The predefined reports query data from the default Novell Audit log database named naudit and a database table named nauditlog. If your Novell Audit log database has a different name, use the Set Datasource Location menu item in Crystal Reports Designer to replace the naudit database name with the one in your environment.
For more information, see the section on working with reports in the Novell Audit documentation.