Help banner

Modify Object - Log Application

Application objects store the information the logging server needs to authenticate logging applications; identify which users have rights to monitor the application's events; and store the application's log schema, which catalogs the events that can be logged for the application.

IMPORTANT: You must restart the logging server to effect any changes in Application object configuration. For more information on restarting the logging server, refer to the Novell® Audit Administration Guide.

The following provides a description of each Application object attribute:

Item

Description

Configuration

 

Configuration

 

 

Application Identifier

The name the logging application uses to identify itself to the logging server.

The Application Identifier is stored in the application's certificate.

The Application Identifier is also part of the Component string for every event logged from the current application. For more information, see Event Structure.

This field is automatically populated when the Application object is created during install. If you manually create the Application object, you can find the Application Identifier in the application's log schema file. For more information, see Log Schema Files.

 

 

Application ID

The four-digit hex value assigned to the current application.

All Application IDs are assigned through Novell Developer Support and are maintained in the Novell Audit central registry.

The Application ID is also part of the Event ID for every event logged from the current application. For more information, see Event Structure.

This field is automatically populated when the Application object is created during install. If you manually create the Application object, you can find the Application ID in the application's log schema file. For more information, see Log Schema Files.

NOTE: The logging server uses the Application ID to manage Access Control. The users designated in the Access Control field can monitor all events containing this Application ID.

 

Events

For each application object, you can view the events performed by the application and check if you want the events to be logged. Event filtering is done by the Platform Agent, rather than the Secure Logging Server.

In previous versions of Nsure Audit, all event filtering took place at the Secure Logging Server. Platform Agents sent all logged events to the Secure Logging Server, where the events were processed and written to the central data store.

Novell Audit 2.0 allows administrators to implement event filters for each logging application. Pushing event filtering down to the Platform Agent minimizes traffic between the Platform Agent and the Secure Logging Server, reduces the load the on the Secure Logging Server, and conserves disk space in the central data store.

The Events page displays the events listed in each application's log schema file. For more information, see Log Schema Files. Some related events are also organized into logical groups. The groups are also determined in the application's log schema file.

 

 

Allow checked events to be logged

Select this box to allow checked events to be logged.

For more information, see Logging Application Events.

 

 

Group Name

Events are listed by group. Events that do not belong to a group are listed under Not Grouped.

Click the plus icon next to a group to expand the event list. Click the minus sign to collapse the event list.

 

 

Event Name

The event name.

 

 

Event ID

A hexadecimal event number that uniquely identifies each type of logged event. For more information, see Event Structure.

 

Instrumentation

(Conditional) The configuration fields for certain applications.

Currently, only the Logfile Parser Application object has instrumentation configuration settings.

 

Access Control

 

Monitoring permitted for:

The users that have rights to monitor the current application's events. For more information, see the Novell Audit Administration Guide.

  • Click the arrows to select users who have already been granted rights to other applications' events.

  • Click the Object Selector button to select User objects in the directory tree.

  • Click the Object History button  to select User objects from a list of objects selected during this iManager session.

 

Status

By default, all Application objects are enabled. This means that the logging server loads the Application object's configuration in memory at startup.

IMPORTANT: The Application object must be located in a supported Application container in order for the logging server to use it.

If you select the Disabled option, you must restart the Secure Logging Server for the setting to become effective. Thereafter, the logging server cannot load the object's configuration until you select Enabled.

 

Related Topics

Creating and Configuring Application Objects

Novell Audit Help

A trademark symbol (®, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.

Close