Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 89
Audit Records, Audit Overview, Audit Configuration Parameters, Audit.event.types
View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 89 highlights
Chapter 7. Audit Records Note: The audit record formats described in this chapter are not considered to be programming interfaces. The format of these records may change from release to release. The format is documented in this chapter in case some parsing of the audit records is desired. Audit Overview The audit subsystem writes textual audit records to a set of sequential files as various auditable events occur during the Encryption Key Manager's processing of requests. The audit subsystem writes to a file (directory and file name are configurable). The file size of these files is also configurable. As records are written to the file, and the size of the file reaches the configurable size, then the file is closed, renamed based on the current timestamp, and another file is opened and records are written to the newly created file. The overall log of audit records is thus separated into configurable sized files, their names sequenced by the timestamp of when the size of the file exceeds the configurable size. To keep the amount of information in the overall audit log (spanning all of the sequential files created) from growing too large and exceeding the space available in the filesystem, you might consider creating a script or program to monitor the set of files in the configured audit directory/folder/container. As files are closed and named based on the timestamp, the file's contents should be copied and appended to the desired long-term, continuous log location and then cleared. Be careful not to remove or alter the file which is having records written to it by the Encryption Key Manager while running (this file does not have a timestamp in the file name). Audit Configuration Parameters The following parameters are used in the Encryption Key Manager's configuration file to control which events are logged in the audit log, where the audit log files are written to, and the maximum size of the audit log files. Audit.event.types Syntax Audit.event.types={type[;type]} Usage Used to specify which audit types should be sent to the audit log. Possible values for configuration parameter are: all authentication data_synchronization runtime All event types Authentication events Events that occur during synchronization of information between Encryption Key Manager servers Events that occur as a part of processing operations and requests sent to the Encryption Key Manager 7-1