Federation Manager GuideError and Audit Logging › Enable Audit Logging

Previous Topic: User Interface Logging

Next Topic: Set the Audit Log Name and Location

Enable Audit Logging

Federation Manager automatically creates an audit log, smaccess.log, located in the directory federation_mgr_home/logs/server. This log remains empty until you enable logging for authentication events or authorization events, or both, using the XPSConfig command.

Note: XPSConfig is case-sensitive on UNIX platforms.

To enable audit logging

  1. Open a command window.
  2. Type XPSConfig at the command prompt.

    The Product Menu is displayed.

  3. Enter SM.

    The list of parameters with their current values is displayed.

  4. (Optional) Enter f to filter the list of settings.

    At the Enter Filter prompt enter report to find all the settings related to audit log.

  5. Enter the number associated with the desired setting:
    ReportAuth

    Specifies the log settings for authentication events.

    Limits: Must be an integer.

    ReportAz

    Specifies the log settings for authorization events.

    Limits: Must be an integer.

  6. Enter c to change the value.
  7. Enter one of the following values at the prompt:
    Default

    0 = log no events

    Limits

    1 = log all events

    2 = log only rejection events

  8. Enter q until you return to the system prompt.

    Audit logging is enabled.

Note: You can repeat this procedure at any time to update the settings for the audit log settings.