Help banner

Event Variables

Nsure Audit provides several variables that may be used to return specific information from an event.The syntax for using these variables is

$format event_field

The event_field variable references a specific field within a logged event. The format variable determines how the data from the event field is displayed. Using these two variables you can call specific information from an event and manage how it is displayed.

For example, event field R returns the IP address of the Platform Agent. Using different format variables, the IP address may appear as follows:

$XR returns 1B043982

$NR returns 453261698

$iR returns 130.57.4.27

 

Event Field Variables

IMPORTANT: Event variables are case sensitive.

IMPORTANT: All variable strings must be preceeded by a dollar sign ($).

Variable

Event Field

O

Component

 

I

Event ID

 

G

Group ID

 

L

Log Level (Severity)

 

R

IP Address

 

C

Client Timestamp

 

A

Server Timestamp

 

S

Text1

NOTE: To use the $S variable in the SMTP Channel object’s Recipient field, this value must be an e-mail address. For more information, see SMTP Channel Configuration.

 

T

Text2

NOTE: To use the $T variable in the SMTP Channel object’s Recipient field, this value must be an e-mail address. For more information, see SMTP Channel Configuration.

 

1

Value1

 

2

Value2

 

M

Mime hint

 

X

Data Size

 

D

Data

 

SE

Description

This variable returns the value of the Notification object’s Description field.

The value is unique in that it is not provided by the logging application, but by the Notification object that directed the event to the current Channel driver. The Notofication object’s description is sent with the event to the Channel driver. For more information on a Notification object’s Description field, see the Novell Nsure Audit Administration Guide.

 

Format Variables

IMPORTANT: Format variables are case sensitive.

IMPORTANT: All variable strings must be preceeded by a dollar sign ($).

Variable

Format

Description

T

Local Time

Displays the time in the format defined on the local computer.

 

D

Local Date

Displays the date in the format defined on the local computer.

 

N

Numeric Format

Displays the current value in standard numeric format.

 

n

Signed Numeric Format

Displays the current value in standard numeric format. However, if the value is greater than 2 billion, it is displayed as a negative number.

 

S

String Format

Displays string values.

IMPORTANT: This format variable can only be used with the O (Component), S (Text1), T (Text2), D (data), and SE (Description) event variables.

 

X

Hexadecimal Format

Displays the current value in hexadecimal format.

 

R

RFC822

Displays the current value in RFC822 format. This variable is used to format time and date values.

NOTE: RFC822 is the Internet standard format for electronic mail message headers. All time values are expressed in UTC.

 

r

RFC822 local

Displays the current value in RFC822 format; however, the time and date values are expressed in local time rather than UTC.

 

I

Network Byte Order

Displays the current value as an IP address.

This variable assumes the value is in network byte order.

 

i

Host Byte Order

Displays the current value as an IP address.

This variable assumes the value is in host byte order.

 

F

Bool Yes/No

If the value of the field is 0, this variable returns “No.” If the value is not 0, this variable returns “Yes.”

 

f

Bool True/False

If the value of the field is 0, this variable returns “False.” If the value is not 0, this variable returns “True.”

For more information on event structure, see Event Structure.

For more information on using Nsure Audit, see Nsure Audit Help.

A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.