We run AppMon 7.0 on linux. In 6.5 we had the audit log in Audit.0.0.log, but in 7.0 I cannot find this file. I cannot see this change in docs for 7.0.
I can see SecAudit-FrontendServer.1.log and SecAudit-BackendServer.1.log on dT server 7.0 which are binary files. Any hints ?
Solved! Go to Solution.
we changed the audit log format because we had to meet some security requirements (see Payment Card Industry Data Security Standard). So we're encrypting the log entries now. There are plans to support sending the audit log entries to log servers directly in future releases, too, but I can't give you any dates here.
Meanwhile, if you don't care about audit log security you can deactivate the encryption of the log files using a so called "audit.config.xml" file:
<?xml version="1.0" encoding="UTF-8"?>
Paste the above content into a new server/conf/audit.config.xml file on the server, then stop the server, remove (maybe backup?) the existing SecAudit*.log files and start the server again. Then you should get plain audit log entries. Note, the (plain) log entry format has changed, too.
The parameter called "eventlogformattype" in the audit.config.xml should be set to "1" for unencrypted/plain log entries or to "2" for encrypted log entries.
Hope that helps,