Sun Java System Identity Server 2004Q2 Administration Guide |
Chapter 33
Logging Service AttributesThe Logging Service attributes are global attributes. The values applied to them are applied across the Sun Java System Identity Server configuration and are inherited by every configured organization. (They can not be applied directly to roles or organizations as the goal of global attributes is to customize the Identity Server application.) The Logging Attributes are:
Maximum Log Size
This attribute accepts a value for the maximum size (in bytes) of a Identity Server log file. The default value is 1000000.
Number of History Files
This attribute has a value equal to the number of backup log files that will be retained for historical analysis. Any integer can be entered depending on the partition size and available disk space of the local system. The default value is 3.
Note
Entering a value of 0 is interpreted to be the same as a value of 1, meaning that if you specify 0, a backup log file will be created.
Log File Location
The file-based logging function needs a location where log files can be stored. This field accepts a full directory path to that location. The default location is:
/var/opt/SUNWam/logs
If a non-default directory is being used, this directory must have write permission to the user under which Identity Server is running.
When configuring the log location for DB (database) logging (such as, Oracle or MySQL), part of the log location is case sensitive.
For example, if you are logging to an Oracle database, the log location should be:
jdbc:oracle:thin:@machine.domain:port:DBName
jdbc:oracle:thin must be lower case.
Note
Any changes in logging attribute values require a restart of the Identity Server before the changes are activated.
Logging Type
This attribute allows you to specify either File, for flat file logging, or DB for database logging.
Database User Name
This attribute accepts the name of the user that will connect to the database when the Logging Type attribute is set to DB.
Database User Password
This attribute accepts the database user password when the Logging Type attribute is set to DB.
Database User Password (Confirm)
Confirmation of the database password.
Database Driver Name
This attribute allows the user to specify the driver that is to be used for the logging implementation class.
Configurable Log Fields
This parameter represents the list of fields that are to be logged. By default, the following fields are logged:
Log Verification Frequency
This attribute sets the frequency (in seconds) that the server should verify the logs to detect tampering. The default time is 3600 seconds. This parameter applies to secure logging only.
Log Signature Time
This parameter sets the frequency (in seconds) that the log will be signed. The default time is 900 seconds. This parameter applies to secure logging only.
Enable Secure Logging
This attribute specifies whether or not to enable secure logging. By default, secure logging is off. Secure Logging enables detection of unauthorized changes or tampering of security logs.
Maximum Number of Records
This attribute sets the maximum number of records that the Java LogReader interfaces return, regardless of how many records match the read query. By default, it is set to 500. This attribute can be overridden by the caller of the Logging API through the LogQuery parameter.
Number Of Files Per Archive
This attribute is only applicable to secure logging. It specifies when the log files and keystore need to be archived, and the secure keystore regenerated, for subsequent secure logging. The default is five files per logger.
Buffer Size
This attribute specifies the maximum amount of log records to be buffered in memory before they are sent to the logging service to be logged. The default is one record.
Buffer Time
This attribute defines the amount of time that the log records will buffered in memory before they are sent to the logging service to be logged. The default is 3600 seconds.
Enable Time Buffering
When selected as ON, Identity Server will set a time limit for log records to be buffered in memory. The amount of time is set in the Buffer Time attribute.