Enterprise Administration Guide › Administering CA ControlMinder Enterprise Management › Audit Data › Route Message Queue Audit Messages to Windows Event Log

Route Message Queue Audit Messages to Windows Event Log

Valid on Windows

You can configure the Enterprise Management Server to route message queue audit messages to the Windows event log. Each time the Enterprise Management Server writes an audit message to the audit log, a corresponding event is sent to the event log.

To route message queue audit messages to Windows event log

1. Stop the JBoss application server, if running.
2. Navigate to the following directory, where JBOSS_HOME indicates the directory where you installed JBoss:

   JBOSS_HOME\server\default\conf\
   

3. Open the jboss-log4j.xml file.
4. Add an appender named "ENTM_NTEventLog" in the class.

   The appender specifies the class to use for auditing and how to display the data.

5. Specify the logger that the appender binds to as a input channel for the audit messages. Insert the following code before the <root> element of jboss-log4j.xml:

   <logger name="EventLog">
       <appender-ref ref="ENTM_UNIXSysLog"/>
   </logger>
   

6. Save and close the file.
7. Copy the NTEventLogAppender.dll file to the Windows System32 directory.

   Note: You can find the NTEventLogAppender.dll file in the Apache log4j 1.2.16 bundle. You can download the Apache log4j 1.2.16 from the Apache Logging Services website.

8. Start the JBoss application server.

   The Enterprise Management Server now routes message queue audit messages to the Windows event log.

Example: Modify the jboss-log4j.xml file to send message queue audit messages to Windows Event Log

The following snippet shows the jboss-log4j.xml file that is configured to route message queue audit messages to the Windows Event Log::

 <appender name="ENTM_NTEventLog"
                        class="org.apache.log4j.nt.NTEventLogAppender">
    <param name="Source" value="CA Access Control Enterprise Management"/>
    <layout class="org.apache.log4j.SimpleLayout"/> 		 
</appender>

<logger name="EventLog">  
    <appender-ref ref="ENTM_NTEventLog"/>
</logger>

In this example,you did the following changes:

• Added a new appender by the name "ENTM_NTEventLog"
• Added class by the name "org.apache.log4j.nt.NTEventLogAppender"
• Defined the param name: "Source"
• Defined the value: "CA Access Control Enterprise Management"
• Defined the layout class:"org.apache.log4j.SimpleLayout"
• Defined the logger name: "EventLog"
• Defined the appender-ref ref : "ENTM_NTEventLog"