Thanks.
Firstly, the addresses are correct(:
Secondly, where can i get edir_en.lsc?
Now my next question. For the File Access log.
Start from left-
Time, Create File, event xx, *Directory Path, rights RWE, status 0, user server, connection x
1) rights RWE means what? Sometimes, i will also see rights RW, rights WC, rights RWC, rights WCE, rights W, rights WE. What does all this stands for?
Thanks!
Originally Posted by ab@novell.com
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If you are using Novell Audit to write to the file then you're already on
an unsupported product. Despite that it should work and the addresses
should look familiar based on your environment. If not you can reference
the edir_en.lsc file that comes with Novell Audit or eDirectory to see if
it helps with understanding the event definition. The LSC files are made
to give a bit of data on the field type and content so start with those.
If you are looking for long-term auditing you should probably at least
write to a database (MySQL is the easiest/best (for most) option) or use a
supported product like Novell Sentinel 6.1 or Novell Sentinel RD, or even
Novell Identity Audit.
Good luck.
qrcheong wrote:
> Hi, i just got the audit log file of the user access generated.
> But i dont seem to rly understd some terms of it.
> please help=]
>
> starting from the left,
> time, Active Connection, event xx, address xxxxxxxx : xxxxxxxxxxxx,
> status 0, user ......, connection xx
>
> 1) is the first range of address in red font refers to a ip address?
> 2) then how abt the second range? what does it refers to?
> 3) event xx refers to?
> 4) status 0 refers to?
> 5) connection xx refers to?
>
> Thanks!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - Enigmail: A simple interface for OpenPGP email security
iQIcBAEBAgAGBQJKSvFVAAoJEF+XTK08PnB5+KwQAJ5JJCQ779 wGVdEZEmUjAGVn
5WLuTdPCm8VpJ1dZ4Jx/R3TuxMb/nHUU+AsNivaQpTzRnVxmGiRqXrWxSyvYKUCk
DG1Zcb1uYpxcK6Y7RbmIyUXPz83ViUXEyb9ZSp1RXsD/kdYuUgbCI/2fIUkk6a7L
oBO6gGa1ZtoTQrwThLjyg38GZHLB18SmNRF/xHCKabJ6w6VQQ6V94OjH7vkVmaI3
1/Gk/A3bYP9J/JRWZR3QTlfKgERP96S+wf3Xd8I/IORFRtt/EdsrfzfATbZxXYHP
YWoQoF/mXotI+q/jUomSOJiDiqdOf36Z0oyIeMnx3tdh8smpW8SbRV/E8T7KJnCq
welcPTPvr1F/WaptfbG0pzZHu6TQO1ogrtXV74O9+wDzZRropORZpj+O7W6DPH GY
yuF3R0RaZd4m18JdS9A/H+X1RCq+YURnLCSRCj/zDEdH4DaoGK+mwcrP5mw7Z3Cc
iDT/5Cp9o492Y5GnJs0lzi2TJg9+O/PFATYQY+zUMfXShblyebZUcmQmq/7lxa+y
o1DZrKmgTfaUuxtJbtJOnrny6vRvnV7QvB87yb3FN+knfZSuYq yI7HUeSMRQmDiA
plytIMTunwn47Dz72HVUFldoCyMmZS5PdTFDO3/Hz3VBaE+y6x4rLD5w66X7LyPP
9JWRxVFT8pgs5qgytIaS
=f4or
-----END PGP SIGNATURE-----
|
Re: Audit log report
Threaded Mode
