|
|
|
CA Access Control writes access success and failures to the audit log. You define which access events CA Access Control writes to the audit log, by changing the value of the AUDIT property for the resource or accessor that you want to audit. You can also use this method to specify that CA Access Control logs every trace event to the audit log.
You use the AUDIT property to specify the audit events that CA Access Control writes to the audit log. Use selang or CA Access Control Endpoint Management to set the AUDIT property for resources and accessors as follows:
|
Value of AUDIT |
What CA Access Control Logs |
Applicable Objects |
|---|---|---|
|
FAIL |
Access failures |
Users and resources |
|
SUCCESS |
Access successes |
Users and resources |
|
LOGINFAIL |
Login failures |
Users |
|
LOGINSUCCESS |
Login successes |
Users |
|
ALL |
Equivalent to FAIL, SUCCESS, LOGINFAIL, LOGINSUCCESS, INTERACTIVE |
Users and resources |
|
TRACE |
Equivalent to ALL plus all system events |
Users |
|
INTERACTIVE |
User sessions on UNIX computers |
Users |
|
NONE |
No logging |
Users and resources |
Note: If the audit property of a user is not set, the AUDIT value of a group or profile group can affect the audit mode CA Access Control uses for the user.
| Copyright © 2012 CA. All rights reserved. |
|