File Based Audit Log Publishers publish audit messages to the file system.
↓Parent Component
↓Relations To this Component
↓Properties
↓dsconfig Usage
The File Based Audit Log Publisher component inherits from the Access Log Publisher
The following components have a direct aggregation relation from File Based Audit Log Publishers:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ description | ↓ auto-flush |
| ↓ enabled | ↓ asynchronous |
| ↓ suppress-internal-operations | ↓ queue-size |
| ↓ suppress-replication-operations | ↓ time-interval |
| ↓ log-forwards | ↓ buffer-size |
| ↓ log-forward-failures | |
| ↓ log-intermediate-responses | |
| ↓ connection-criteria | |
| ↓ request-criteria | |
| ↓ result-criteria | |
| ↓ timestamp-precision | |
| ↓ log-file | |
| ↓ log-file-permissions | |
| ↓ append | |
| ↓ rotation-policy | |
| ↓ retention-policy | |
| ↓ include-instance-name | |
| ↓ include-startup-id | |
| ↓ include-requester-ip-address | |
| ↓ use-reversible-form |
| Description | A description for this Log Publisher |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the Log Publisher is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
suppress-replication-operations
| Description | Indicates whether access messages that are generated by replication operations should be suppressed. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether to log information about requests forwarded to other servers. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether to log information about failed attempts to forward requests to other servers. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether to log information about intermediate responses sent to the client. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of connection criteria that must match the associated client connection in order for a connect, disconnect, request, or result message to be logged. |
| Default Value | None |
| Allowed Values | The DN of any Connection Criteria. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of request criteria that must match the associated operation request in order for a request or result to be logged by this Access Log Publisher. |
| Default Value | None |
| Allowed Values | The DN of any Request Criteria. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of result criteria that must match the associated operation result in order for that result to be logged by this Access Log Publisher. |
| Default Value | None |
| Allowed Values | The DN of any Result Criteria. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the smallest time unit to be included in timestamps. |
| Default Value | milliseconds |
| Allowed Values | seconds - Timestamps will be precise to the nearest second. milliseconds - Timestamps will be precise to the nearest millisecond. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The file name to use for the log files generated by the File Based Audit Log Publisher. The path to the file can be specified either as relative to the server root or as an absolute path. |
| Default Value | None |
| Allowed Values | Unknown |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | The File Based Audit Log Publisher must be disabled and re-enabled for changes to this setting to take effect. Modification requires that this component be disabled and then re-enabled |
| Description | The UNIX permissions of the log files created by this File Based Audit Log Publisher. |
| Default Value | 640 |
| Allowed Values | A valid UNIX mode string. The mode string must contain three digits between zero and seven. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies whether to append to existing log files. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The rotation policy to use for the File Based Audit Log Publisher . When multiple policies are used, rotation will occur if any policy's conditions are met. |
| Default Value | No rotation policy is used and log rotation will not occur. |
| Allowed Values | The DN of any Log Rotation Policy. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The retention policy to use for the File Based Audit Log Publisher . When multiple policies are used, log files are cleaned when any of the policy's conditions are met. |
| Default Value | No retention policy is used and log files are never cleaned. |
| Allowed Values | The DN of any Log Retention Policy. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether log messages should include the instance name for the Directory Proxy Server. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether log messages should include the startup ID for the Directory Proxy Server, which is a value assigned to the server instance at startup and may be used to identify when the server has been restarted. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether log messages for operation requests should include the IP address of the client that requested the operation. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the audit log should be written in reversible form so that it is possible to revert the changes if desired. If this property is set true then the audit log is written in reversible form. For delete operations there will be comments with the contents of the entry. For modify operations the changes will only contain delete of the previous values and add of the new values (omitting those that didn't change). For modify DN operations there will be comments with the attribute additions or deletions, if any, caused by the RDN change. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
auto-flush (Advanced Property)
| Description | Specifies whether to flush the writer after every log record. If the asynchronous writes option is used, the writer is flushed after all the log records in the queue are written. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
asynchronous (Advanced Property)
| Description | Indicates whether the File Based Audit Log Publisher will publish records asynchronously. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
queue-size (Advanced Property)
| Description | The maximum number of log records that can be stored in the asynchronous queue. The server will continuously flush messages from the queue to the log. That is, it does not wait for the queue to fill up before flushing to the log. Lowering this value can impact performance. |
| Default Value | 10000 |
| Allowed Values | An integer value. Lower limit is 1000. Upper limit is 100000 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The File Based Audit Log Publisher must be restarted if this property is changed and the asynchronous property is set to true. |
time-interval (Advanced Property)
| Description | Specifies the interval at which to check whether the log files need to be rotated. |
| Default Value | 5s |
| Allowed Values | A duration. Lower limit is 1 milliseconds. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
buffer-size (Advanced Property)
| Description | Specifies the log file buffer size. |
| Default Value | 64kb |
| Allowed Values | A positive integer representing a size. Lower limit is 1. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Log Publishers:
dsconfig list-log-publishers
[--property {propertyName}] ...
To view the configuration for an existing Log Publisher:
dsconfig get-log-publisher-prop
--publisher-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Log Publisher:
dsconfig set-log-publisher-prop
--publisher-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new File Based Audit Log Publisher:
dsconfig create-log-publisher
--publisher-name {name}
--type {type}
--set enabled:{propertyValue}
--set log-file:{propertyValue}
[--set {propertyName}:{propertyValue}] ...
To delete an existing Log Publisher:
dsconfig delete-log-publisher
--publisher-name {name}