The audit log is stored in a file. The value audit_log in the following Windows registry subkey specifies the location of the audit log file:
HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\logmgr
The default value for this key is:
C:\Program Files\CA\Access Control\log\seos.audit
By default, CA ControlMinder automatically backs up the audit log when it reaches 1024 KB. You can change this size by changing the value audit_size in the subkey:
HKEY_LOCAL_MACHINE\Software\ComputerAssociates\AccessControl\logmgr
You can also choose to back up the audit log periodically (daily, weekly, or monthly) by changing the value BackUp_Date in the Windows registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\logmgr
Note: For more information about these registry subkeys, see the Reference Guide.
CA ControlMinder provides two built‑in tools for viewing, filtering, and searching the audit logs:
You can display every record in the audit log, or you can use filters to select particular records from the audit log.
The remainder of this chapter describes how to view the records in the audit log when using audit filters in CA ControlMinder Endpoint Management.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|