Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION Manual page 25

Specifying the Logging Server and the Console Events
The Secure Logging Server manages the flow of information to and from the Novell auditing
system. It receives incoming events and requests from the Platform Agents, logs information to the
data store, monitors designated events, and provides filtering and notification services. It can also be
configured to automatically reset critical system attributes according to a specified policy.
1 To specify the logging server, click Auditing > Novell Auditing.
2 Fill in the following fields:
Server: Specify the IP address or DNS name of the audit logging server you want to use. By
default, the system uses the primary Administration Console IP address. If you want to use a
different Secure Logging Server, specify that server here.
Access Manager does not currently support the use of custom application certificates. For
information on this Novell Audit feature, see
www.novell.com/documentation/novellaudit20/novellaudit20/data/am8ewv2.html)
Novell Audit Administration Guide (http://www.novell.com/documentation/novellaudit20/
novellaudit20/data/bookinfo.html).
To use Novell Sentinel
Collector. For more information on Sentinel, see
documentation/sentinel6/index.html).
Port: Specify the port that the Platform Agents use to connect to the Secure Logging Server.
To use Novell Sentinel instead of Novell Audit, specify the port of your Collector.
IMPORTANT: Whenever you change the port or address of the Secure Logging Server, all
Access Gateways must be updated, then every Access Manager device (Identity Server,
Administration Console, Access Gateways, SSL VPN servers, and J2EE Agents) must be
rebooted (not just stopping and starting the module) before the configuration change takes
affect.
3 Under Management Console Audit Events, specify the system-wide events you want to audit:
Select All: Selects all of the audit events.
Health Changes: Generated whenever the health of a server changes.
Server Imports: Generated whenever a server is imported into the Administration Console.
Server Deletes: Generated whenever a server is deleted from the Administration Console.
Configuration Changes: Generated whenever you change a server configuration.
4 Click OK.
If you did not change the address or port of the Secure Logging Server, this completes the
process. It may take up to fifteen minutes for the events you selected to start appearing in the
audit files.
If you changed the address or the port of the Secure Logging Server, complete the following
steps:
5 If the Administration Console is the only Access Manager component installed on the machine,
edit the Novell Audit Configuration file.
For security reasons, this file cannot be edited from the Administration Console when it is the
only Access Manager component on the machine.
"Authenticating Logging Applications" (http://
instead of Novell Audit, specify the IP address or DNS name of your
TM
Sentinel 6 (http://www.novell.com/
in the
Administration Console 25