Directory Services 7.4.2

External Access Log Publisher (DEPRECATED)

DEPRECATED for removal since 7.2.0: The Audit Event Handlers are deprecated. The Elasticsearch and Splunk Audit Event Handlers support only old versions of these products which have security vulnerabilities. Alternative: Use the dedicated tools provided by these products to upload the log files.

External Access Log Publishers publish access messages to an external handler.

Parent

The External Access Log Publisher object inherits from Common Audit Access Log Publisher.

External Access Log Publisher properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

config-file
enabled
filtering-policy
log-controls
log-field-blacklist

java-class
suppress-internal-operations
suppress-synchronization-operations

Basic properties

Use the --advanced option to access advanced properties.

config-file

Synopsis

The JSON configuration file that defines the External Access Log Publisher. The content of the JSON configuration file depends on the type of external audit event handler. The path to the file is relative to the server root.

Default value

None

Allowed values

A path to an existing file that is readable by the server.

Multi-valued

No

Required

Yes

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

No

Read-only

No

enabled

Synopsis

Indicates whether the Log Publisher is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

filtering-policy

Synopsis

Specifies how filtering criteria should be applied to log records.

Default value

no-filtering

Allowed values

  • exclusive: Records must not match any of the filtering criteria in order to be logged.

  • inclusive: Records must match at least one of the filtering criteria in order to be logged.

  • no-filtering: No filtering will be performed, and all records will be logged.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-controls

Synopsis

Specifies whether controls with criticality and values will be included in operation log records.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-field-blacklist

Synopsis

List of fields that the server omits from access log messages.

Description

Valid values for this property are JSON paths for fields present in the log file.

Default value

No message elements are blacklisted by default

Allowed values

A JSON path to an existing object of the access event definition.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

java-class

Synopsis

The fully-qualified name of the Java class that provides the External Access Log Publisher implementation.

Default value

org.opends.server.loggers.ExternalAccessLogPublisher

Allowed values

A Java class that extends or implements:

  • org.opends.server.loggers.LogPublisher

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

suppress-internal-operations

Synopsis

Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

suppress-synchronization-operations

Synopsis

Indicates whether access messages that are generated by synchronization operations should be suppressed.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

Copyright © 2010-2024 ForgeRock, all rights reserved.