Set a third party audit service providers for security auditing
The audit service provider is used to format the audit data object that was sent by the audit event factory. In addition to the default audit service provider, you may use a third party implementation as the audit service provider.
Before configuring the audit service provider, enable global security in the environment.
This task configures the audit service provider used to record generated audit records.
- Click Security > Security Auditing > Audit service provider.
- Click New and then select Third party emitter.
- Enter the unique name that should be associated with this audit service provider in the Name field.
- Enter the Third party emitter class name.
- Enter the Event formatting module class name. This field specifies the class used to format the generic event into a format that is specific to the audit service provider implementation. For example, the implementation might have an event formatting class that takes the generic event and translates it into XML data.
- Select the filters to be used by this audit service provider. The Selectable filter list consists of a list of the configured filters that have been configured and are currently enabled.
- Select the filters that should be audited from the Selectable filter list.
- Click Add >> to add the selected filters to the Enabled filter list.
- Enter any custom properties that you included in the third party emitter code.
- Click Apply.
ResultsAfter completing these steps, the audit data will be sent to the specified repository in the format required by that repository.
Next stepsAfter creating an audit service provider, the audit service provider must be associated with an audit event factory provide the audit data objects to the audit service provider. Next you should configure an audit event factory.
Example: Base Generic Emitter Interface
Set auditable events using scripting
Audit the security infrastructure
Audit service provider collection
Audit service provider settings