Previous Topic: SEOS_PIDNext Topic: Customizing selogrd


LogRoute API

This section contains the following topics:

Programming Guide

Functions

driver_Register Function

driver_UnRegister Function

driver_RegisterDestination Function

driver_UnregisterDestination Function

lograpi_InterpretRecord Function

lograpi_RegisterTargetType Function

lograpi_UnregisterTargetType Function

lograpi_MakeStringMessage Function

LogrApiSenseFunc Function

LogrApiSendFunc Function

LogrApiFreeFunc Function

servlog_IsThereExit Function

servlog_RegisterExit Function

servlog_UnRegisterExit Function

Structures and Data Types

SEOS_AUDITLOGIN

SEOS_AUDITGENR

SEOS_AUDITWDWARN

SEOS_AUDITINWARN

SEOS_AUDITADMIN

SEOS_AUDITSTART

SEOS_AUDITDOWN

SEOS_AUDITUSER

LOGRECHDR

LOGRECORD

SEOS_ROUTENTRY

LOGRAPI_FUNCS

Programming Guide

The LogRoute API lets you add your own alerts to the standard audit log functions. You can also use the log routing daemon to add a guaranteed‑delivery feature to your other programs. This chapter provides details of the configuration file read by selogrd, the structures and functions used when writing a new LogRoute API, the compile and link procedures used under most operating systems, and a sample LogRoute API function.

The LogRoute API lets you insert your own alerts in the audit log file. The seosd daemon generates audit information and stores it in the audit log file. The log routing daemon selogrd polls the audit log file and sends selected local audit log records to the destination targets listed in the CA ControlMinder configuration file. Destination targets may be screen or mail messages to an individual user, a local system file, or files located on remote host systems on the network.

The LogRoute API lets you customize the log routing daemon selogrd. You can incorporate your own user‑defined options into selogrd to support in‑house requirements not provided by the standard log routing functions. You can add new target types to the configuration file read by selogrd. Add your new LogRoute API functions to the CA ControlMinder system by creating your own shared library that uses the CA ControlMinder API. You can also use the log routing daemon to add a guaranteed‑delivery feature to your other programs.

The LogRoute API saves you a tremendous amount of work by letting you take advantage of all the services that the log routing daemons already provide. Regardless of the target type, whether built‑in or user‑defined, the log routing daemons automatically read the audit files, filter the entries to capture the records requested by the user, and store or distribute that selected information appropriately. You can also designate different targets for the configuration file and use selogrd to provide a guaranteed‑delivery service to those targets for your own programs.

CA ControlMinder also provides an API for the daemon that collects the data from multiple stations and maintains the central audit log file.