3.4 Configuring XDASv2 Events for Auditing

3.4.1 Configuring Events

Use this page to configure XDASv2 events.

Figure 3-1 XDASv2 Events

  1. You can select both or either of the following components for XDASv2 event settings:

    DS: Specifies an eDirectory™ object. For each DS object, a corresponding LDAP object exists.

    LDAP: Specifies an LDAP object.

  2. Log event values:

    The events are logged into a text file. Event values with more than 768 bytes in size are considered “large values.” You can log events of any size.

    Log Large Values: Select this option to log events that are more than 768 bytes in size.

    Don’t Log Large Values: Select this option to log events that are less than 768 Byte in size. If the event size is more, the event value is truncated and saved to the log file.

  3. Specify the following based on your requirements:

    Options

    Description

    Account Management Events

    Select the account management events for which you want to log events. You can log events to create, delete, enable, disable, and query accounts, and also to modify account security token.

    Session Management Events

    Select the session management events for which you want to log events. You can log events to create, terminate, and modify sessions.

    Data Item or Resource Element Management Events

    Select the data item or resource element management events for which you want to log events. You can log events to create and delete data items and to modify and query data item attributes.

    Service or Application Management Events

    Select the service or application management events for which you want to log events. You can log events for enabling and disabling services.

    Service or Application Utilization Events

    Select the service or application utilization events for which you want to log events. You can log events to start and terminate services, and to modify process contexts.

    Peer Association Management Events

    Select the peer association events for which you want to log events. You can log events for creating and terminating peer associations.

    Data Item or Resource Element Content Access Events

    Select the data item or resource element content access events for which you want to log events. You can log events to create, terminate, and modify data item associations.

    Role Management Events

    Select the role management events for which you want to log events. You can log events to create, delete, query, and modify roles.

    Exceptional Management Events

    Select the exceptional management events for which you want to log events. You can log events to start and shut down systems and also to back up and recover data stores.

    Authentication Management Events

    Select the authentication management events for which you want to log events. You can log events to authenticate sessions and create access tokens.

    Operational Events

    Select the operational management events for which you want to log events. You can log events to generate eDirectory operation IDs.

    For more information on events, see Section A.0, XDASv2 Events.

3.4.2 Configuring XDASv2 Roles

Configure XDASv2 roles for the objects for which you want to collect XDASv2 events. You can select object classes and set attributes for them.

Figure 3-2 XDASv2 Roles

  1. Select object classes for which you want to collect events.

  2. Set any number of attributes for the object classes you have selected. Click the attribute and click the arrow to add the attribute to the selected list of attributes.

  3. Click OK after you add the attributes. Click Apply to confirm the modifications.

    The selected attributes appear in this list.

3.4.3 Configuring XDASv2 Accounts

Configure XDASv2 accounts by selecting available object classes. Click OK to exit the application.

Figure 3-3 XDASv2 Accounts

  1. Select object classes from the list for which you want to collect events.

  2. Selected object classes appear in this list.

  3. Click Apply after adding the object classes.