Auditing

In the context of:

ESCWA

Enterprise Server can be configured to log auditable events that occur during operation. Audit logs can be used to identify potential security issues or review system changes.

ESCWA's server configuration can be modified to emit network type audit events.

ESCWA's ESF configuration can be modified to emit security type audit events.

See Enterprise Server Auditing for more information.

Directory Server

Enterprise Server can be configured to log auditable events that occur during operation. Audit logs can be used to identify potential security issues or review system changes.

A Directory Server will emit both process specific and security audit events when its ESF configuration is modified to enable auditing.

See Enterprise Server Auditing for more information.

Region

Enterprise Server can be configured to log auditable events that occur during operation. Audit logs can be used to identify potential security issues or review system changes.

A region will emit both process specific and security audit events when its ESF configuration is modified to enable auditing.

See Enterprise Server Auditing for more information.

Configuration options

ESCWA

To ensure ESCWA auditing has been enabled, use ESCWA to perform the following steps:

  1. Click

    This opens the Enterprise Server Administration Configuration dialog box.

  2. Expand Tracing and Logging Settings
  3. Check Enable Auditing.
    • Optionally, check Audit Request Bodies.
      Note: This will generate significantly more audited event information.
  4. Click Apply.

To ensure that ESCWA ESF configuration has auditing enabled, use ESCWA to perform the following steps:

  1. In the menu bar, click Security.
  2. In the Security Navigation pane, click ESCWA Configuration.
  3. Check Create audit events.
  4. Click Apply.
Directory Server
To ensure a Directory Server's ESF configuration has auditing enabled, use ESCWA to perform the following steps:
  1. In the top menu bar, click Native.
  2. In the Native Navigation pane, expand Directory Server.
  3. Click the directory server you require, then click Security > Directory Server Configuration.

    This takes you to the Directory Server Security Facility Configuration page.

  4. Check Create audit events.
  5. Click Apply.

To ensure a Directory Server's Default ES Configuration has auditing enabled, use ESCWA to perform the following steps:

  1. In the top menu bar, click Native.
  2. In the Native Navigation pane, expand Directory Server.
  3. Click the directory server you require, then click Security > Default ES Configuration.

    This takes you to the Default ES Security Facility Configuration page.

  4. Check Create audit events.
  5. Click Apply.
Parent topic: Configuration Report