XYGATE User Authentication Reference Manual
XYGATE
®
User Authentication
™
(XUA) 1.85 Reference Manual
Appendix A: The UACONF File
XYPRO Technology Corporation 214 Proprietary and Confidential
A16: EMS_CRITICAL_IF_DENIED
The EMS_CRITICAL_IF_DENIED keyword causes failed-authentication audit
messages to be marked as critical, an internal audit attribute.
When the AUDIT keyword (App. A3:, A4: or A5: starting on page 206) includes the
CRITICAL sub-keyword, only messages marked as critical are included in the audit.
When audit messages marked as critical are sent to a collector via the EMS SPI
interface, messages are sent with the EMS CRITICAL attribute set.
Syntax:
EMS_CRITICAL_IF_DENIED { ON | OFF }
In the following Example, EMS_CRITICAL_IF_DENIED is set to ON in the UACONF
file. Hence, all the denied access attempts will be flagged as critical messages and
sent to the EMS.
Example: How to send all denied logon attempts to EMS
OSCONF Setting:
AUDIT $SYSTEM.XYGATEUA.AUDIT
AUDIT $0 EMS CRITICAL
EMS_CRITICAL_IF_DENIED ON
The default value is OFF.
Note: The AUDIT sub-keyword CRITICAL means that messages must be marked
critical in order to be sent to EMS, and the keyword
EMS_CRITICAL_IF_DENIED must be set to ON for XYGATEUA to mark
denials as critical.