The eDirectory Instrumentation for Novell® Audit, nauditDS, allows Novell Audit to log eDirectory events to the Novell Audit database. The eDirectory Instrumentation can log events from the following versions of the directory:
NDS® 6.x
NDS 7.x
NDS 8.x
eDirectory 8.6 (NetWare®, Windows*, Linux*, and Solaris*)
eDirectory 8.7 (NetWare, Windows, Linux, and Solaris)
The Platform Agent must be installed on every server on which you want to log events. NauditDS automatically loads the Platform Agent (logevent) to send events to the Secure Logging Server.
On NetWare, nauditDS is automatically loaded each time the server restarts. On Windows, Linux, and Solaris systems, you must manually load nauditDS or add nauditDS to the server startup scripts to begin logging eDirectory events. For information on starting the eDirectory Instrumentation, see "NetWare and eDirectory Instrumentation Startup Commands" in the Novell Audit Administration Guide.
eDirectory events are partition-specific; that is, they only need to be enabled on one NCP Server object per partition. For a table that lists the eDirectory events that can be logged to Novell Audit, see eDirectory Events.
eDirectory events such as login and logout are ubiquitous and can quickly fill your data store. Therefore, you should monitor your system's event traffic and configure your data store's expiration or roll policies accordingly. For information on the MySQL* channel's expiration properties, see MySQL Channel. For information on configuring the File channel to purge or roll its log files, see File Channel.
eDirectory events describing attribute changes store the new attribute values in the event's data field.
You can configure eDirectory events on both the Platform Agent and the NCP Server object.
You can configure the Platform Agent to only send specified events to the Secure Logging Server. You configure the Platform Agent in the Events page. For information on the Events page, see Logging Application Events.
The instrumentation settings on the NCP Server object are the master settings. If you do not configure the Platform Agent, all events listed in the NCP Server object are logged. However, if you enable events only at the Platform Agent and not at the NCP Server object, no events are logged. If you enable events at both the Platform Agent and the NCP Server object, only events enabled in both locations are logged.
On the eDirectory Instrumentation page of the NCP Server object, you can check the following options:
Do Not Send Replicated Events
If you check this box, you avoid receiving duplicate entries for eDirectory events in a replica ring. You might consider enabling this option to reduce the potential log size. To log non-replicated events (such as logins), nauditDS must be installed on each individual server for which you want to log non-replicated events.
Register for Events Inline
If you check this box, eDirectory cannot complete a transaction until the event is sent to the Secure Logging Server. This option doesn't apply to the following three events:
DSA Read
List Subordinates
Read Attribute
When an object is modified, this option records the previous values of the object. This option can also be used for validation purposes to ensure a nonrepudiable log. Enabling this option might slow the performance of the connection between the Secure Logging Server and eDirectory.
For more information, see Configuring the NCP Server Object to Log Events.
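The master-setting rule and the inline exemptions described above can be checked against an intended configuration before relying on the log. The following is an added example, not part of the Novell documentation: it models the two configuration levels as sets, the event names are constructed labels, and treating None as "Platform Agent not configured" is an assumption of this sketch.

```python
# Added illustration of the filtering rules on this page.
# Event names are constructed labels, not Novell Audit event IDs.

# The three events the page says "Register for Events Inline" does not apply to.
INLINE_EXEMPT = {"DSA Read", "List Subordinates", "Read Attribute"}


def effective_events(ncp_enabled, agent_enabled=None):
    """Return the events that reach the Secure Logging Server.

    ncp_enabled   -- events enabled on the NCP Server object (master settings)
    agent_enabled -- events enabled at the Platform Agent, or None when the
                     Platform Agent is not configured (assumption of this sketch)
    """
    ncp = set(ncp_enabled)
    if agent_enabled is None:
        return ncp                      # agent unconfigured: NCP list is logged
    return ncp & set(agent_enabled)     # both configured: intersection only


def audit_config(ncp_enabled, agent_enabled=None, inline=False, required=()):
    """Report what is logged and which settings have no effect."""
    ncp = set(ncp_enabled)
    agent = set(agent_enabled or ())
    logged = effective_events(ncp_enabled, agent_enabled)
    return {
        "logged": sorted(logged),
        # Enabled at the agent only: never logged, easy to overlook.
        "dropped_agent_only": sorted(agent - ncp),
        # Enabled at the NCP Server object but filtered out by the agent.
        "filtered_by_agent": sorted(ncp - agent) if agent_enabled is not None else [],
        # Events the auditor expects to see that will not be logged.
        "missing_required": sorted(set(required) - logged),
        # Logged events that are actually sent inline when the box is checked.
        "inline": sorted(logged - INLINE_EXEMPT) if inline else [],
    }


if __name__ == "__main__":
    # Constructed sample configuration.
    report = audit_config(
        ncp_enabled=["Login", "Logout", "Read Attribute"],
        agent_enabled=["Login", "Change Password"],
        inline=True,
        required=["Login", "Logout"],
    )
    for key, value in report.items():
        print(f"{key}: {value}")
```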
A trademark symbol (®, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.