Set an audit level

Set an audit level

The pop modify set audit-level command specifies the granularity level of auditing for a POP.
For example, auditing might be set to record unsuccessful events. We can use the results to detect an unusual number of failed access attempts on a particular resource. Auditing records are written in a standard Extensible Markup Language (XML) format that allows easy parsing to extract whatever information is required. For example:
pdadmin sec_master> pop modify pop_name set audit-level permit,deny

Value Description

permit Audit all requests on a protected object that result in successful access.

deny Audit all requests on a protected object that result in denial of access.

error Audit all internally generated error messages that result from a denial of access to the protected object.

We can apply any combination of these values or specify either all to audit all requests or none to audit no requests. When enabling granular auditing, specify one or more of the following values:

permit
deny
error
When we specify multiple granular values, use a comma as a separator character between these values.
See IBM Security Verify Access for Web: Command Reference.
Parent topic: Configure POP attributes

Value	Description
permit	Audit all requests on a protected object that result in successful access.
deny	Audit all requests on a protected object that result in denial of access.
error	Audit all internally generated error messages that result from a denial of access to the protected object.