CSV Audit Event Handler Properties

UI Label / Textaudit.json File LabelDescription
File RotationfileRotationGroups the file rotation configuration parameters.
rotationEnabledrotationEnabledSpecifies whether file rotation is enabled. Boolean, true or false.
maxFileSizemaxFileSizeThe maximum size of an audit file, in bytes, before rotation is triggered.
rotationFilePrefixrotationFilePrefixThe prefix to add to the start of an audit file name when it is rotated.
Rotation TimesrotationTimesSpecifies a list of times at which file rotation should be triggered. The times must be provided as durations, offset from midnight. For example, a list of 10 minutes, 20 minutes, 30 minutes will cause files to rotate at 10, 20 and 30 minutes after midnight.
File Rotation SuffixrotationFileSuffixThe suffix appended to rotated audit file names. This suffix should take the form of a timestamp, in simple date format. The default suffix format, if none is specified, is -yyyy.MM.dd-HH.mm.ss.
Rotation IntervalrotationInterval The interval to trigger a file rotation, expressed as a duration. For example, 5 seconds, 5 minutes, 5 hours. A value of 0 or disabled disables time-based file rotation. Note that you can specify a list of rotationTimes and a rotationInterval. The audit event handler checks all rotation and retention policies on a periodic basis, and assesses whether each policy should be triggered at the current time, for a particular audit file. The first policy to meet the criteria is triggered.
File RetentionfileRetention Groups the file retention configuration parameters. The retention policy specifies how long audit files remain on disk before they are automatically deleted.
Maximum Number of Historical FilesmaxNumberOfHistoryFiles The maximum number of historical audit files that can be stored. If the total number of audit files exceed this maximum, older files are deleted. A value of -1 disables purging of old log files.
Maximum Disk SpacemaxDiskSpaceToUse The maximum disk space, in bytes, that can be used for audit files. If the total space occupied by the audit files exceed this maximum, older files are deleted. A negative or zero value indicates that this policy is disabled, that is, that unlimited disk space can be used for historical audit files.
Minimum Free Space RequiredminFreeSpaceRequired The minimum free disk space, in bytes, required on the system that houses the audit files. If the free space drops below this minimum, older files are deleted. A negative or zero value indicates that this policy is disabled, that is, that no minimum space requirements apply.
rotationRetentionCheckIntervalrotationRetentionCheckInterval Interval for periodically checking file rotation and retention policies. The interval must be a duration, for example, 5 seconds, 5 minutes, or 5 hours.
Log DirectorylogDirectoryDirectory with CSV audit files
CSV Output Formattingformatting 
quoteCharquoteCharFormatting: Character used around a CSV field
delimiterChardelimiterCharFormatting: Character between CSV fields
End of Line SymbolsendOfLineSymbolsFormatting: end of line symbol, such as \n or \r
Security: CSV Tamper Evident ConfigurationsecurityUses keystore-based signatures
EnabledenabledCSV Tamper Evident Configuration: true or false
FilenamefilenameCSV Tamper Evident Configuration: Path to the Java keystore
PasswordpasswordCSV Tamper Evident Configuration: Password for the Java keystore
Keystore HandlerkeystoreHandlerNameCSV Tamper Evident Configuration: Keystore name. The value of this property must be openidm. This is the name that the audit service provides to the ForgeRock Common Audit Framework for the configured IDM keystore.
Signature IntervalsignatureIntervalCSV Tamper Evident Configuration: Signature generation interval. Default = 1 hour. Units described in "Restrictions on Configuring the CSV Audit Handler in the UI".
BufferingbufferingConfiguration for optional event buffering
enabledenabledBuffering: true or false
autoFlushautoFlushBuffering: avoids flushing after each event
Read a different version of :