The following steps assume that you have already set up auditing on your network. For more information, see Configuring Access Manager for Auditing.
In the Administration Console, click Devices > Access Gateways > Edit > Auditing.
Based on the event category, select the events for notification.
Select All: Select this option for all events. Otherwise, select one or more of the following:
Events
Event |
Description |
---|---|
Access Denied |
Generated when a requested action is denied because the requester has insufficient access rights to a URL. |
Identity Injection Failed |
Generated when the Identity Injection policy injects with the value field empty. |
System Started |
Generated when the Access Gateway is started. |
System Shutdown |
Generated when the Access Gateway is stopped. |
Form Fill Failed |
Generated when a Form Fill policy fails to successfully fill in a form. |
Application Accessed |
Generated when a user accesses applications. |
URL Not Found |
Generated when a requested URL cannot be found. |
IP Access Attempted |
Generated when a user attempts to access a URL with an IP address instead of the published DNS name configured in the Access Gateway. |
Oauth & OpenID Token Validation Failed |
Generated when an OAuth and OpenID token validation fails. |
High Volume Events
Event |
Description |
---|---|
Access Allowed |
Generated when a requested action is allowed because the requester has the correct access rights to a URL. |
Identity Injection Success |
Generated when the Identity Injection policy successfully injects data into the HTTP header. |
Form Fill Success |
Generated when a Form Fill policy successfully fills in a form. |
URL Accessed |
Generated when a user accesses a URL. |
IMPORTANT:Enabling High Volume Events may generate high volume of audit events on a system with heavy load. This may degrade the performance of the Access Gateway.
Audit Filters
Select the following filters to exclude them from the audit events:
Filter |
Description |
---|---|
CSS |
Excludes CSS files as part of response from the audit events. |
JavaScripts |
Excludes JavaScripts from the audit events. |
Images |
Excludes images from the audit events. Specify the image format. For example: JPEG, PNG |
URLs Matching Regular Expression |
Excludes URLs matching the configured regular expression. It helps in filtering out specified URL paths from the ones audited as part of the URL Accessed audit event. These filtered out URL paths will not be displayed in the Audit Server. This is helpful where auditing every URL is not required and may increase the load on the Audit Server.The regular expression is standard perl based regular expressions. For more information about “Regular Expressions”, see .Each URL (path?querystring) is matched against this expression. If the match is successful, the URL will not be audited for URL access. For example:
|
To save your modifications, click OK twice.
On the Access Gateways page, click Update.