AnsweredAssumed Answered

Complete Audit Log in syslog format

Question asked by Malcolm Bruce on Aug 1, 2016
Latest reply on Feb 19, 2018 by Nathan Furze

We are currently evaluating RSA Authentication Manager 8.2.  One of the requirements is regular exporting of all Audit data to an external audit server.  Preferably in syslog format.

 

The files messages, imsAdminAudit.log, imsRuntimeAudit.log and imsSystem.log would be ideal.  However these files appear not to contain all audit records.  For example, the Administrator's Guide specifically states for imsAdminAudit.log:

Note: Only contains data not written to the

Administrative Audit log stored in the internal

database.

And this is what we are seeing.  Only a subset of records are contained in these files.

 

Is there a way to get a complete set of audit records in one or more files?

Outcomes