6.2 Configuring the NetIQ XDASv2 Text File

After you install Identity Manager, you can configure the XDAS. The XDAS configuration settings are stored in a simple, text-based xdasconfig.properties configuration file. By default, xdasconfig.properties file is located in the following directories:

Table 6-1 XDAS Configuration File

Operating System

File

Linux/Solaris

 
/etc/opt/novell/eDirectory/conf/
xdasconfig.properties

Windows

 
/IDM_Install_Directory/xdasconfig.properties

On Windows, it is usually the Identity Manager installation directory.

The following is a sample xdasconfig.properties file. 

# Set the level of the root logger to DEBUG and attaches an appender named R.
log4j.rootLogger=debug, S, R
# Defines appender S to be a SyslogAppender.
#log4j.appender.S=org.apache.log4j.net.SyslogAppender
# Defines location of Syslog server.
#log4j.appender.S.Host=localhost
#log4j.appender.S.Port=port
# Specify protocol to be used (UDP/TCP/SSL)
#log4j.appender.S.Protocol=UDP
# Specify SSL certificate file for SSL connection.
# File path should be given with double backslash.
#log4j.appender.S.SSLCertFile=/etc/opt/novell/mycert.pem
# Minimum log-level allowed in syslog.
#log4j.appender.S.Threshold=INFO
# Defines the type of facility.
#log4j.appender.S.Facility=USER
# Layout definition for appender Syslog S.
#log4j.appender.S.layout=org.apache.log4j.PatternLayout
#log4j.appender.S.layout.ConversionPattern=%c : %p%m%n
# Defines appender R to be a Rolling File Appender.
#log4j.appender.R=org.apache.log4j.RollingFileAppender
# Log file for appender R.
#log4j.appender.R.File=/var/opt/novell/eDirectory/log/xdas-events.log
# Max size of log file for appender R.
#log4j.appender.R.MaxFileSize=100MB
# Set the maximum number of backup files to keep for appender R.
# Max can be 13. If set to zero, then there will be no backup files.
#log4j.appender.R.MaxBackupIndex=10
# Layout definition for appender Rolling log file R.
#log4j.appender.R.layout=org.apache.log4j.PatternLayout
#log4j.appender.R.layout.ConversionPattern=%d{MMM dd HH:mm:ss} %c : %p%m%n

Table 6-2 XDAS Property File

Options

ID

Syslog Appender

S

Rolling File Appender

R

Socket Appender

Socket Logger

The entries in the xdasconfig.properties file are not case sensitive, entries can appear in any order, empty lines are valid, and any line that starts with a hash (#) is commented out.

The following table provides an explanation of each setting in the xdasconfig.properties file.

IMPORTANT:You must restart eDirectory when you make a change to the configuration.

Table 6-3 XDAS Settings

Setting

Description

log4j.rootLogger=debug, S, R

Sets the level of the root logger to debug and attaches an appender named R or S, where S specifies a Syslog appender and R specifies a Rolling File appender.

log4j.appender.S=org.apache.log4j.net.SyslogAppender

Specifies the appender S to be a Syslog appender.

log4j.appender.S.Host=localhost

Specifies the location of the Syslog server where XDAS events are logged.

log4j.appender.S.Port=port

The port at which the XDAS connects to the Syslog server.

If the connection between XDAS and the Syslog server fails, Identity Manager cannot log events until the connection is restored.

log4j.appender.S.Protocol=UDP

Specifies the protocol to use. For example, UDP, TCP, or SSL.

log4j.appender.S.SSLCertFile=/etc/opt/novell/mycert.pem

Specifies the SSL certificate file for the SSL connection. Use double backslashes to specify the path of the file. This is an optional setting.

log4j.appender.S.Threshold=INFO

Specifies the minimum log level allowed in the Syslog appender.

log4j.appender.S.Facility=USER

Specifies the type of facility.

log4j.appender.S.layout=org.apache.log4j.PatternLayout

Layout setting for Syslog appender.

log4j.appender.S.layout.ConversionPattern=%c : %p%m%n

Layout setting for Syslog appender.

log4j.appender.R=org.apache.log4j.RollingFileAppender

Specifies appender R to be a Rolling File appender.

log4j.appender.R.File=/var/opt/novell/eDirectory/log/xdas-events.log

The location of the log file for a Rolling File appender.

log4j.appender.R.MaxFileSize=100MB

The maximum size, in MBs, of the log file for a Rolling File appender. Set this value to the maximum size that the client allows.

log4j.appender.R.MaxBackupIndex=10

Specify the maximum number of backup files for a Rolling File appender. The maximum number of the backup files can be 10. A zero value means no backup files.

log4j.appender.R.layout=org.apache.log4j.PatternLayout

Layout setting for Rolling File appender.

log4j.appender.R.layout.ConversionPattern=%d{MMM dd HH:mm:ss} %c : %p%m%n

Layout setting for Rolling File appender.

To enable the Syslog appender, make the following changes in the xdas.properties file:

  1. Change the following entry to S to attach a Syslog appender:

    log4j.rootLogger=debug, S

  2. Uncomment the following entries:

    log4j.appender.S=org.apache.log4j.net.SyslogAppender
    log4j.appender.S.Host=localhost
    log4j.appender.S.Port=port
    log4j.appender.S.Protocol=UDP
    log4j.appender.S.SSLCertFile=/etc/opt/novell/mycert.pem
    #log4j.appender.S.Threshold=INFO
    #log4j.appender.S.Facility=USER
    #log4j.appender.S.layout=org.apache.log4j.PatternLayout
    #log4j.appender.S.layout.ConversionPattern=%c : %p%m%n

  3. Log into iManager and change the log events.

    For more information on changing log levels by using iManager, see Section 9.1, Setting the Log Level and Maximum Log Size.

  4. Select the XDAS events for the driver set.

    For more information on selecting XDAS events by using iManager, see Section 8.4, Selecting XDASv2 Events.

  5. Restart eDirectory.

To enable the Rolling File appender, make the following changes in the xdas.properties file:

  1. Change the following entry to R to attach a Rolling File appender:

    log4j.rootLogger=debug, R

  2. Uncomment the following entries:

    log4j.appender.R=org.apache.log4j.RollingFileAppender
    log4j.appender.R.File=/var/opt/novell/eDirectory/log/xdas-events.log
    log4j.appender.R.MaxFileSize=100MB
    log4j.appender.R.MaxBackupIndex=10
    log4j.appender.R.layout=org.apache.log4j.PatternLayout
    log4j.appender.R.layout.ConversionPattern=%d{MMM dd HH:mm:ss} %c : %p%m%n

  3. Log into iManager and change log levels.

    For more information on changing log levels by using iManager, see Section 9.1, Setting the Log Level and Maximum Log Size.

  4. Select the XDAS events for the driver set.

    For more information on selecting XDAS events by using iManager, see Section 8.4, Selecting XDASv2 Events.

  5. Restart eDirectory.

Proceed to Section 7.0, Securing the Logging System.