This content has been marked as final. Show 3 replies
In case this ends up being usefull to anyone... I've managed to alter component_events.xml as follows, adding user authentication to the "low" preset. As stated in the munual, this isn't documented functionality and is not supported... so do with it as you will. I'm excluding events for user "anonymous" otherwise you get flooded with useless data.
ResourceTemplateDeletion,GenericAdminOperation,ServerStartup,ServerShutDown,Authentication(Initiator -ne "Anonymous" )</FilterPresetDefinition>
Edited by: Jeremy Waters on Jan 30, 2013 8:27 AM
THANKS for posting that info! I was wondering: How did you figure out the syntax, etc. for what you had to modify in the XML file? Is that format/syntax documented somewhere (undertood that it's not supported)?
In your case, are you sending the audit output to the filesystem or to a database? If the former, what is the location for the audit log file? On one of my test systems, I have a file, audit.log, at:
Is that the location for the file-based audit output?
Sorry for all the questions, but I'm trying to get this working myself, so your thread/post was very timely and helpful!