Table of Contents
Advertisement
ROLL
The NSS Auditing Engine (
the auditing client application. The auditing client application can also specify the maximum
size of the file in which auditing records are placed, and can optionally specify that when the
file maximum size has been reached, the NSS Auditing Engine creates a new file (in the
specified directory) and begins appending audit records to the new file.
When the NSS Auditing Engine creates a new file (in which audit records will be placed), it
generates a "Roll" audit record, and appends it (as the last record) to the previously used file.
The record contains the full (Linux) path of the newly created file, where audit record
processing should continue. Roll records are sent only to the specifically affected auditing
client, not to all auditing clients.
ALL
Used to indicate all records of type VIGIL.
Examples for Filtering VIGIL Events
The following are examples of how records of type VIGIL might be filtered from the
specifying individual patterns at the command line prompt:
/opt/novell/vigil/bin/vlog -p":-all"
Specifies a filter pattern that excludes all records of type VIGIL from the
/opt/novell/vigil/bin/vlog -p":-all +roll"
Specifies a filter pattern that excludes all records of type VIGIL from the
records, which are shown in the
Roll
/opt/novell/vigil/bin/vlog -p":-roll -user_stop -user_start"
Specifies a filter pattern that excludes
records from the
started
Keywords are applied in the order that they appear in the filter pattern. For example, the following
patterns are not equivalent:
/opt/novell/vigil/bin/vlog -p":-all +roll"
Specifies a filter pattern that excludes all records of type VIGIL, but then allows the
record. Of all the VIGIL type records, only the
/opt/novell/vigil/bin/vlog -p":+roll -all"
Specifies a filter pattern that allows the
VIGIL. No VIGIL type records (of any event type) are output.
Patterns for Filtering Records of Type NSS, NCP, and CIFS
Records of type NSS, NCP, and CIFS represent operations on files.
"Filter Syntax for Type NSS, NCP, and CIFS Records" on page 20
"Negation Element Options" on page 20
"Path Element Options" on page 21
"Event Element Options" on page 26
) appends auditing records to a file in a directory specified by
vigil
output.
vlog
records,
Roll
output.
vlog
Roll
record, but then excludes all records of type
Roll
vlog
vlog
records, and
User stopped
events are output.
output by
vlog
output.
output, except
User
Roll
VLOG Utility Man Page
19
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Novell OPEN ENTERPRISE SERVER 2 SP2 - STORAGE SERVICES AUDITING CLIENT LOGGER UTILITY REFERENCE 04-29-2010
Related Products for Novell OPEN ENTERPRISE SERVER 2 SP2 - STORAGE SERVICES AUDITING CLIENT LOGGER UTILITY REFERENCE 04-29-2010
- NOVELL IDENTITY MANAGER 3.6.1 - UNDERSTANDING POLICIES 05-06-2009
- NOVELL LINUX ENTERPRISE SERVER 10 - ARCHITECTURE-SPECIFIC INFORMATION 08-04-2006
- NOVELL LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 04-08-2006
- NOVELL LINUX ENTERPRISE SERVER 10 SP2 - ARCHITECTURE-SPECIFIC INFORMATION 08-05-2008
- NOVELL LOGIN SCRIPTS - 08-2008
- NOVELL PLATESPIN ORCHESTRATE 2.0.2 - ADMINISTRATOR REFERENCE 06-17-2009
- NOVELL PLATESPIN ORCHESTRATE 2.0.2 - DEVELOPMENT CLIENT REFERENCE 08-28-2009
- NOVELL SENTINEL LOG MANAGER 1.0.0.5 - 03-31-2010
- NOVELL SUPPORT ADVISOR - 04-2010
- Novell 3.6 05-2008
- Novell Access Manager 3.1 SP 1
- Novell Access Manager 3.1 SP 2
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
- NOVELL ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
- NOVELL ACCESS MANAGER 3.1 SP1 - S 11-20-2009
- NOVELL ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010
Need help?
Do you have a question about the OPEN ENTERPRISE SERVER 2 SP2 - STORAGE SERVICES AUDITING CLIENT LOGGER UTILITY REFERENCE 04-29-2010 and is the answer not in the manual?