CA Directory lets you set up the following types of log for each DSA:
The alarm log contains all alarms. Alarms are reports of critical events that should be monitored. This is not dependent on the tracing level or whether the DSA console is open.
This is the only log that cannot be closed. It is always open when a DSA is running.
This log has a default name of dsa-name_alarm.log.
An alert log contains all authentication errors and account suspensions. It can be used to show attempts at unauthorized access to the DSA. This is not dependent on the tracing level.
A certificate log contains a summary of operations that involve certificates or CRLs. This includes all add and modify operations that include a userCertificate, caCertificate, or certificateRevocationList attribute. In addition, any read request, search request, or search filter that returns one of these attributes is recorded.
This is not dependent on the tracing level.
A connection log contains a line for each successful connection made, and each released connection. This is not dependent on the tracing level.
The connection log is time-stamped and date-stamped, and a new one is written daily.
A diagnostic log contains a list of operations that the DSA has rejected, for whatever reason. This includes the operation, the DN of the affected entry, and a diagnostic message. Use this file to debug applications.
If diagnostic tracing has been enabled, this output is also sent to the trace log.
A query log contains detailed information about every operation, including a time and date stamp. This is not dependent on the tracing level.
To configure the query log, use the set query-log-advanced command.
An SNMP log contains all events that are sent to SNMP traps.
A statistics log contains a summary of operational statistics for every minute that the DSA is active. When the DSA is not active, no information is written to the log, which prevents the log file from growing during inactivity. This is not dependent on the tracing level.
A summary log contains a summary of every operation. This is not dependent on the tracing level or whether the DSA console is open.
A time log contains the time taken for each successful operation.
To configure the time log, use the set time-log-search-threshold command and the set time-log-update-threshold command.
If tracing or parsing is turned on, use the get log command to display the configuration of the time log.
A trace log contains tracing information for all successful operations. The level of tracing written to a trace log is dependent on the level of tracing set on the DSA.
An update log contains detailed information for all add, modify, rename, and delete operations. This is not dependent on the tracing level. You can use the set update-log-show-values command to include attribute values in the update log.
A warning log contains all errors and warnings, which are useful for diagnosing problems. This is not dependent on the tracing level. For descriptions of error messages, see System Messages.
Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |