Third Party Data Security Auditor

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.

Third Party Data Security Auditor provide data security auditor implementations created in third-party code using the UnboundID Server SDK.

Parent Component Properties dsconfig Usage

Parent Component

The Third Party Data Security Auditor component inherits from the Data Security Auditor

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 enabled  None
 report-file
 include-attribute
 audit-backend
 audit-severity
 extension-class
 extension-argument

Basic Properties

enabled

Description
Indicates whether the Data Security Auditor is enabled for use.
Default Value
true
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

report-file

Description
Specifies the name of the detailed report file.
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

include-attribute

Description
Specifies the attributes from the audited entries that should be included detailed reports. By default, no attributes are included. This property allows the administrator to specify which attributes from the audited entries will be included in detailed reports.
Note that reported entries will use a different object class than original entry. If you wish to include the original object class, you may specify objectClass in this property. The report entry will include the original objectClass values in the ds-data-security-audit-objectclass attribute.
Default Value
None
Allowed Values
The name or OID of an attribute type defined in the server schema.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

audit-backend

Description
Specifies which backends the data security auditor may be applied to. By default, the data security auditors will audit entries in all backend types that support data auditing (Local DB, LDIF, and Config File Handler). This property allows the administrator to specify which backends the data security auditor may be applied to. By default, the data security auditors will audit entries in all backend types that support data auditing (Local DB, LDIF, and Config File Handler).
Default Value
None
Allowed Values
The DN of any Backend.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

audit-severity

Description
Specifies the severity of events to include in the report. This property allows the administrator to specify the severity of events to include in the report. Severity can be one of error, warning or verbose.
See the description of the Data Security Auditor to see what events are reported at each severity level.
Default Value
notice
Allowed Values
error - Only the most important security risks are identified.

warning - Includes all events from the error severity level as well as events that are less severe or may present issues in the near future.

notice - Includes all events from the error and warning levels as well as events that do not necessarily indicate problems but are things that administrators may want to take note of.

verbose - Includes all events from the error, warning, and notice levels as well as information considered less significant or with only marginal security risk.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

extension-class (Read-Only)

Description
The fully-qualified name of the Java class providing the logic for the Third Party Data Security Auditor.
Default Value
None
Allowed Values
The fully-qualified name of a Java class that extends or implements com.unboundid.directory.sdk.ds.api.DataSecurityAuditor
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

extension-argument

Description
The set of arguments used to customize the behavior for the Third Party Data Security Auditor. Each configuration property should be given in the form 'name=value'.
Default Value
None
Allowed Values
A string
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Data Security Auditors:

dsconfig list-data-security-auditors
     [--property {propertyName}] ...

To view the configuration for an existing Data Security Auditor:

dsconfig get-data-security-auditor-prop
     --auditor-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Data Security Auditor:

dsconfig set-data-security-auditor-prop
     --auditor-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Third Party Data Security Auditor:

dsconfig create-data-security-auditor
     --auditor-name {name}
     --type third-party
     --set report-file:{propertyValue}
     --set extension-class:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Data Security Auditor:

dsconfig delete-data-security-auditor
     --auditor-name {name}