Note: this is an abstract component that cannot be instantiated.
Policy Decision Log Publishers are used to record authorization decisions returned from a policy decision point (PDP).
↓Direct Subcomponents
↓Parent Component
↓Properties
↓dsconfig Usage
The following Policy Decision Log Publishers are available in the server :
These Policy Decision Log Publishers inherit from the properties described below.
The Policy Decision Log Publisher component inherits from the Log Publisher
The properties supported by this managed object are as follows:
| General Configuration Basic Properties: | Advanced Properties: |
|---|---|
| ↓ description | None |
| ↓ enabled | |
| ↓ logging-error-behavior | |
| ↓ include-pdp-response | |
| Log Messages To Include Basic Properties: | Advanced Properties: |
| ↓ policy-message-type | None |
| Property Group | General Configuration |
| Description | A description for this Log Publisher |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | Indicates whether the Log Publisher is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | Specifies the behavior that the server should exhibit if an error occurs during logging processing. |
| Default Value | standard-error |
| Allowed Values | standard-error - Write a message to standard error in the event of a logging failure. lockdown-mode - Place the server in lockdown mode in the event of a logging failure. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | Indicates whether policy decision messages recorded by this log publisher will include the full response returned by the PDP. If this property is enabled, then the complete PDP response will be logged. Otherwise, this log publisher will only record summary information about policy decisions. Please note that the PDP response may contain potentially sensitive data. The contents of the PDP response can be adjusted using the decision-response-view property of the Policy Decision Service. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | Log Messages To Include |
| Description | Specifies the policy message types to be logged. |
| Default Value | decision |
| Allowed Values | decision - A policy authorization decision. advice - Application of a policy advice. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Log Publishers:
dsconfig list-log-publishers
[--property {propertyName}] ...
To view the configuration for an existing Log Publisher:
dsconfig get-log-publisher-prop
--publisher-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Log Publisher:
dsconfig set-log-publisher-prop
--publisher-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Log Publisher:
dsconfig delete-log-publisher
--publisher-name {name}