Error In Audit_log Task Context
don't have JavaScript enabled. This tool uses JavaScript and much of it will not work correctly without it enabled. Please turn JavaScript back on and reload this page.All Places > CA API Management Community > DiscussionsLog in to create and rate content, and to follow, bookmark, and share content with other members.AnsweredAssumed AnsweredScheduled Tasks in Audit LogQuestion asked by montalbano on May 26, 2016Latest reply on Jun 3, 2016 by montalbano Like • Show 0 Likes0 Comment • 4Is it possible to configure a policy used for a scheduled task so that it's visible in the Audit Logs? Especially when developing such a policy it would be very helpful to write audit details for testing purposes...ThanksPeterMark_HE Jun 2, 2016 6:34 AMCorrect AnswerYou're right, for scheduled task policies, save the audit to database seems not working for INFO level.Here are some workarounds,1. change the Level of audit detail assertion to WARNING2. save to ssg log, or custom logger, you can use any level that higher than the logger's thresholdYou may open a support ticket to see if it's a bug or by design.See the reply in contextNo one else had this questionMark as assumed answeredOutcomesVisibility: CA API Management Community109 ViewsLast modified on May 26, 2016 12:26 PMCategories: CA API GatewayThis content has been marked as final. Show 4 comments4 RepliesNameEmail AddressWebsite AddressName(Required)Email Address(Required, will not be published)Website AddressMark_HE May 31, 2016 4:08 AMMark CorrectCorrect AnswerHi Peter,I'm not sure if I understand what you want, but you can always call a gateway service by curl command,for example,curl http://localhost:8080/
Date: Tue, 10 May 2005 09:47:35 -0400 On Tuesday 19 April 2005 11:23, Steve Grubb wrote: > I wanted to start a discussion about an old topic that we last discussed > back in December. The problem basically centers around the audit message > type being too coarse to be of any real use. Attached is my current working patch for people to review and comment on. It is not a final patch. I still need to review all messages to ensure we have everything that its supposed to be. The patch is against the .31 kernel will all my previous patches applied. If there are no objections or concerns, I will finalize this patch https://communities.ca.com/thread/241754778 and release matching user space tools. -Steve diff -ur linux-2.6.9.orig/include/linux/audit.h linux-2.6.9/include/linux/audit.h --- linux-2.6.9.orig/include/linux/audit.h 2005-05-10 08:24:41.000000000 -0400 +++ linux-2.6.9/include/linux/audit.h 2005-05-10 08:24:11.000000000 -0400 @@ -34,18 +34,52 @@ struct atomic_t; #endif -/* Request and reply types */ +/* The netlink messages for the audit system is divided into blocks: + * 1000 - 1099 are for commanding the audit system + * 1100 - 1199 user space trusted application messages + * 1200 - 1299 messages internal to https://www.redhat.com/archives/linux-audit/2005-May/msg00097.html the audit daemon + * 1300 - 1399 audit event messages + * 1400 - 1499 SE Linux use + * 1500 - 1999 future use + * 2000 is for otherwise unclassified kernel audit messages + * + * Messages from 1000-1199 are bi-directional. 1200-1299 are exclusively user + * space. Anything over that is kernel --> user space communication. + */ #define AUDIT_GET 1000 /* Get status */ #define AUDIT_SET 1001 /* Set status (enable/disable/auditd) */ #define AUDIT_LIST 1002 /* List filtering rules */ #define AUDIT_ADD 1003 /* Add filtering rule */ #define AUDIT_DEL 1004 /* Delete filtering rule */ #define AUDIT_USER 1005 /* Send a message from user-space */ -#define AUDIT_LOGIN 1006 /* Define the login id and information */ +#define AUDIT_LOGIN 1006 /* /proc/pid/loginuid change event */ #define AUDIT_WATCH_INS 1007 /* Insert file/dir watch entry */ #define AUDIT_WATCH_REM 1008 /* Remove file/dir watch entry */ #define AUDIT_WATCH_LIST 1009 /* List all watches */ -#define AUDIT_SIGNAL_INFO 1010 /* Get information about sender of signal*/ +#define AUDIT_SIGNAL_INFO 1010 /* Get info about sender of signal*/ + +#define AUDIT_USER_AUTH 1100 /* User space authentication */ +#define AUDIT_USER_ACCT 1101 /* User space acct change */ +#define AUDIT_USER_MGMT 1102 /* User space acct management */ +#define AUDIT_CRED_ACQ 1103 /* User space credential acquired */ +#define AUDIT_CRED_DISP 1104 /* User space credential disposed */ +#define AUDIT_USER
Community MySQL.com Downloads Documentation Section Menu: Search Tasks Text: Priority: ALL Very High High Medium Low Very Low Status: ALL Assigned Un-Assigned In-Progress Complete On-Hold Cancelled Code-Review In-Documentation https://dev.mysql.com/worklog/task/?id=7254 In-Design Patch-queued In-QA Patch-Approved About Worklog The MySQL Worklog are design specifications for some of the items that may be considered for future development. WL#7254: Audit log API extension Affects: Server-5.7 — Status: Complete — Priority: Medium Description Requirements High Level Architecture Low Level Design This worklog to implements some changes to the Audit log API. error in User Documentation http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-9.html http://dev.mysql.com/doc/refman/5.7/en/writing-audit-plugins.html http://dev.mysql.com/doc/refman/5.7/en/plugin-services.html Contents Functional Requirements - Audit API Functional Requirements - Security Context Service Non-Functional Requirements - Audit API Non-Functional Requirements - Security Context Service Functional Requirements - Audit API AA-FR-1 Extend Audit API to support variety of auditing areas such as: AA-FR-1-1 Connectivity AA-FR-1-2 Privilege (authorization, grant check) AA-FR-1-3 Table row access (update, insert, delete) AA-FR-1-4 SQL error in audit_log query execution (sql parse, start, end) AA-FR-1-5 RPC command execution (start, end) AA-FR-1-6 Generic logging AA-FR-1-7 Server initialization and shutdown AA-FR-1-8 Global variable access AA-FR-1-9 Stored program execution AA-FR-2 Extend the plugin configuration that allows the plugin to subscribe to specific events of the class. AA-FR-3 Extend the Audit API that the plugin handling mechanism could abort further execution the of current flow. AA-FR-3-1 Aborted execution breaks with the general error code/message. The plugin abort with custom code/message. Functional Requirements - Security Context Service SC-FR-1 Expose the Security Context as a Plugin Service. Non-Functional Requirements - Audit API AA-NFR-1 Decompose heavy event objects into smaller, context specific ones. AA-NFR-2 Events should carry only data required within the given context. AA-NFR-3 Event objects should minimize utilization of the intermediate structures that exist only during event signalling. AA-NFR-4 Changes, extensions must not influence implementation of the existing plugins. Only minimal adjustments are allowed that applies structure extensions or minor changes. AA-NFR-5 Guarantee proper versioning of the plugin in order to prevent incompatible (older) plugins from loading. Non-Functional Requirements - Security Context Service SC-NFR