HP XP7 Command View Advanced Edition Administrator Guide (Web Version) (TK981-96004, May 2014)
The following shows an example of the auditlog.conf file:
# Specify an integer for Facility. (specifiable range: 1-23)
Log.Facility 1
# Specify the event category.
# You can specify any of the following:
# StartStop, Failure, LinkStatus, ExternalService,
# Authentication, AccessControl, ContentAccess,
# ConfigurationAccess, Maintenance, or AnomalyEvent.
Log.Event.Category Authentication,ConfigurationAccess
# Specify an integer for Severity. (specifiable range: 0-7)
Log.Level 6
In the example above, the audit events related to Authentication or ConfigurationAccess
are output. For Windows, Log.Level 6 outputs audit log data corresponding to the Error, Warning,
and Information levels. For Linux, Log.Facility 1 outputs the audit log data to the syslog file
that is defined as the user facility in the syslog.conf file.
Related topics
• Starting the HP XP7 Command View Advanced Edition services, page 165
• Stopping the HP XP7 Command View Advanced Edition services, page 166
Checking audit log data
• In Windows:
Audit log data is output to the Windows event log in the following format:
program-name [process-ID]: message-portion
• In Linux:
Audit log data is output to the syslog file in the following format:
date-time server-name (or IP-address) program-name[process-ID]:
message-portion
The format and contents of message-portion are described below.
NOTE:
In message-portion, a maximum of 953 single-byte characters can be displayed in a syslog
file.
Administrator Guide (Web Version) 251