Enabling Auditing; Section 1.7, "Enabling Auditing - Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION Manual

Administration console guide

Hide thumbs Also See for ACCESS MANAGER 3.1 SP1 - ADMINISTRATION:

Manual (208 pages)

Installation manual (42 pages)

Quick start manual (24 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

WARNING: Whenever you change the port or address of the Secure Logging Server, all

Access Gateways must be updated, then every Access Manager device (Identity Server,

Administration Console, Access Gateways, SSL VPN servers, and J2EE Agents) must be

rebooted (not just the module stopped and started) before the configuration change takes affect.

3 From the iManager view bar, select the Roles and Tasks view.

4 Click Directory Administration > Modify Object.

5 Click the Object Selector icon, expand the novell container, then select the eDirectory server.

The eDirectory server uses the tree name, without the _TREE suffix, for its name. The tree

name is displayed in the iManager view bar.

6 Click OK > Novell Audit > eDirectory.

7 From the Meta, Objects, and Attributes sections, select the events that you want to monitor for

potential security problems.

In the Meta section, you would probably want to monitor changes made to groups and

ACLs.

In the Objects section, you would probably want to monitor who is logging in and out and

if objects are being created or deleted.

In the Attributes section, you would probably want to monitor when attribute values are

added or deleted.

8 Click Apply.

9 (Linux) Restart eDirectory and the Audit Server. Enter the following commands:

/etc/init.d/ndsd restart

/etc/init.d/novell-naudit restart

10 (Windows) Restart eDirectory and the Audit Server:

10a Click Control Panel > Administrative Tools > Services.

10b Right click NDS Server, then select Stop.

10c Answer Yes to the prompt to stop the Novell Audit Log Server.

10d Right click NDS Server, then select Start.

10e Right click Novell Audit Log Server, then select Start.

1.7 Enabling Auditing

Access Manager includes a licensed version of Novell

logging and to maintain audit log entries that can be subsequently included in reports. In addition to

selectable events, device generated alerts are automatically sent to the audit server.

Audit logs record events that have occurred in the identity and access management system and are

primarily intended for auditing and compliance purposes. The types of events that are logged

include the following:

Starting, stopping, and configuring a component

Success or failure of user authentication

Role assignment

Allowed or denied access to a protected resource

Audit to provide compliance assurance

Administration Console

Table of Contents

Chapters

Table of Contents

Enabling Auditing; Section 1.7, "Enabling Auditing - Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION Manual

1.7 Enabling Auditing

Chapters

Troubleshooting

Related Manuals for Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Related Content for Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Table of Contents