audit-log-cfg
audit-log-cfg = <agent>[<parameter>=<value>],[<parameter>=<value>],...
Description
Configures audit logging for the runtime security service. We can use the available parameters to configure the logging agents.
Options
<agent> Logging agent. The agent controls the logging destination for server events. Valid agents include:
- stdout
- stderr
- file
- remote
- rsyslog
<parameter> The different agents support the following configuration parameters:
Parameter Supporting agents buffer_size remote compress remote dn remote error_retry remote, rsyslog flush_interval all hi_water all log_id file, rsyslog max_event_len rsyslog mode file path all port remote, rsyslog queue_size all rebind_retry remote, rsyslog rollover_size file server remote, rsyslog ssl_keyfile rsyslog ssl_label rsyslog ssl_stashfile rsyslog
For a complete description of the available logging agents and the supported configuration parameters, see the Security Verify Access: Auditing Guide.
Usage:
This stanza entry is optional.
This stanza entry applies to Advanced Access Control. We must configure this attribute if we want WebSEAL to log runtime security audit events. If there is no value set, then WebSEAL does not log any audit events for the runtime security service.
Default: None.
Example:
To log audit events in a file called rtss-audit.log:
audit-log-cfg = file path=/tmp/rtss-audit.log,flush_interval=20, rollover_size=2000000,queue_size=48
To send audit logs to STDOUT:
audit-log-cfg = stdout