You can audit security-related events, such as authorization successes and failures, failures in the security subsystem (e.g. failure to connect to an ESM), and major system events (e.g. startup).
You must first configure and run the Micro Focus Audit Facility to capture the generated audit information. This involves creating a configuration file and running an audit event consolidator process. For details see the Audit Facility documentation.
Once the audit consolidator process is running, you can set the Create Audit Events option in the appropriate configuration options set.
Enterprise Server and Directory Server will exit with an error message if they are configured to for auditing and the Audit Facility consolidator process is not running.
Currently, the following events are generated.
ESF Manager initialization, startup, and termination |
ESF Verify / Auth request start |
ESF Verify / Auth request error |
ESF Verify / Auth request denied |
ESF Verify / Auth request failed |
ESF Verify request succeeded |
ESF Verify allowed for unknown user (per configuration) |
ESF Admin request start |
ESF Admin request succeeded / failed |