Documentation Center

Setting Up Audit Trail Aggregation - Client

Audit trail aggregation lets you gather all of the audit trails being generated on multiple client systems onto a single server so that you can compile, style, and analyze the audit trail data.

Before you begin

Before you set up the client, set up the aggregation server.

About this task

For the purposes of this procedure, "client" is the Legacy Content Delivery computer where you configure audit trails and "server" is the aggregation server computer.

Procedure

  1. On the client, log on to Legacy Content Delivery as a user with the Manage Application permission.
  2. If you are in Legacy Content Delivery, select Home in the breadcrumb trail.
    The landing page appears.
  3. In the Administration Tools pane, select Manage Application.
    The Manage Application page appears.
  4. In the left pane, select Global Config.
  5. Add or configure the following configuration items:
    NameValue
    audit.aggregation.enableSetting to cause the application to record audit trails. If set to no no audit trails will be recorded for user sessions, and therefore aggregation will not send any audit trails.
    audit.aggregation.keyA unique string. This must match the same configuration value on the server.
    audit.aggregation.urlURL of the server, in the following format: http://server_host_id:server_port_#/ContentDelivery/ where server_host_id is the server host name and server_port_# is the port on which the server Legacy Content Delivery instance is running. server_port_# is specified if you need to replace the standard port, in most cases this is not needed. A standard example would be http://aggregation.lc.example.com/ContentDelivery/ (where lc refers to an example related to output, and aggregation specifies it further as a server dedicated to aggregation)
    audit.aggregation.ageFrequency with which audit trails are aggregated. If you are in Legacy Content Delivery, select Home in the breadcrumb trail. In the Administration Tools pane, select Manage Application > Global Config, and then click one of the following frequencies from the audit.aggregation.age drop-down list:
    • 6 Hours
    • 12 Hours
    • Day
    • Week
    • Month
    • Year

    If you are in a Legacy Content Delivery, select Home in the breadcrumb trail. In the Administration Tools pane, select Manage Application > Audit, then Aggregate Audits to initiate the audit.

    If you set up garbage collection, once an audit trail record has been aggregated, it is deleted the next time garbage collection runs.

    host.idHost ID of the client.

    This is a unique key that identifies the client. If you have already set up forms aggregation, you do not need to add this configuration item again.

    audit.enableSet to Yes to enable gathering audit trails on the server.
  6. Select Save.
  7. Edit ContentDelivery_home/conf.xml.
  8. Adjust the following values to set the timing of aggregation:
    OptionDescription
    periodFrequency, in milliseconds, that the aggregation occurs.
    delayDelay, in milliseconds, before aggregation occurs after restarting the Legacy Content Delivery service.
  9. Restart the web server application or service.
  10. Validate that audit aggregation is occurring by viewing the log on the client at ContentDelivery_home/logs/wrapper.log
    The success and failure messages appear like one of the following:
    Audit Aggregation: status=FAIL message=required URL not
    defined
    Audit Aggregation: status=DISABLED
    Audit Aggregation: status=SUCCESS selected=2 stored=2 marked=2
    serverURL=http://aggregation.lc.example.com/ContentDelivery/