logmgr Key—Registry Settings

Reference Guide › Registry Entries › The CA Access Control Registry › logmgr Key—Registry Settings

logmgr Key—Registry Settings

CA Access Control maintains logging settings it uses under the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\logmgr

The logmgr registry key contains the following registry entries:

audit_back

The name of the CA Access Control audit backup file. Only CA Access Control can write to this file.

Default: ACInstallDir\log\seos.audit.bak

audit_group

The group that can read the audit logs.

Default: ComputerAssociates

audit_log

The name of the CA Access Control audit log file. When this file reaches the size specified in audit_size, CA Access Control closes the file, renames it with the name in audit_back, and creates a new audit log. Only CA Access Control can write to this file.

Default: ACInstallDir\log\seos.audit

audit_max_files

Defines the maximal number of audit log backup files CA Access Control accumulates when it performs date-triggered backups. When the BackUp_Date configuration setting is set to anything other than none, CA Access Control continuously accumulates date-triggered backup files. This configuration setting lets you reduce disk space CA Access Control uses for audit log backups. When the number of audit log backup files reaches the limit you set, CA Access Control deletes the oldest backup file when it creates the newest.

Values:

0—keep all audit log backup files.
n—a positive integer greater than zero.

Note: You cannot remove redundant audit log backup files manually because CA Access Control protects these automatically. Also, if the audit reporting is enabled, CA Access Control does not delete a backup file until the Report Agent finishes processing it.

Default: 50

audit_size

The maximum size, in KB, of the CA Access Control audit log file. Do not specify less than 50 KB.

Default: 10240

Note: CA Access Control stops writing audit records to the audit file when the audit file size exceeds 2 GB.

AuditFiltersFile

The name of the CA Access Control audit filter file.

Default: ACInstallDir\data\audit.cfg

BackUp_Date

Specifies the criterion by which CA Access Control backs up the audit log file, and if CA Access Control adds a timestamp to the backup file name.

CA Access Control always backs up the audit log file when it reaches the size specified in the audit_size configuration setting.

Values: none, yes, daily, weekly, monthly

yes—CA Access Control backs up the audit log file when it reaches the size specified in audit_size and adds a timestamp to the backup file name.
none—CA Access Control backs up the audit log file when it reaches the size specified in audit_size and does not add a timestamp to the backup file name.
daily, weekly, monthly——CA Access Control backs up the audit log file whenever the specified interval has elapsed and when it reaches the size specified in audit_size, and adds a timestamp to the backup file name. However, if no audit events are written to the audit log file in the specified interval, CA Access Control does not back up the file after the interval elapses.
Note: CA Access Control counts the specified interval from the time that it creates the first audit log file, and backs up the file at midnight on the appropriate day.

Example: The configuration setting has a value of weekly and CA Access Control creates the audit log file at 9:00 a.m. Friday 1 April. Many audit events occur this week and the audit log file exceeds the audit_size configuration setting on Monday 4 April. CA Access Control backs up the audit log file on 4 April and adds a timestamp to the backup file name. A week after the audit log file was first created, at midnight Friday 8 April, CA Access Control again backs up the audit log file and adds a timestamp to the backup file name.

Limits: You must specify values in all uppercase or all lowercase.

Default: yes

error_back

The name of the CA Access Control error backup file.

Default: ACInstallDir\log\seos.error.bak

error_group

The group that can read the error log files.

If this value is set to none, only Administrators can read the file.

Default: none

error_log

The name of the CA Access Control error log file. When this file reaches the size specified in error_size, CA Access Control closes the file, renames it with the name in error_back, and creates a new error log. Only CA Access Control can write to this file.

Default: ACInstallDir\log\seos.error

error_size

The maximum size, in KB, of the CA Access Control error log file.

Default: 50

irecorder_audit

Specifies whether the IR API library routes audit events of existing PMDs in addition to the local security service audit events.

all - routes audit events of Policy Models in addition to the local security service audit events.

localhost - routes audit events of the local security service only.

Default: all

SendAuditToNativeChannel

(Windows 2008 only) Specifies whether seosd sends audit events to the Windows 2008 event log channel for CA Access Control (1).

Default: 0 (no)

SendAuditToNativeLog

Specifies whether seosd sends audit events to the Windows event log (1).

Default: 0 (no)