Skip to end of banner
Go to start of banner

2.6.3 Audit Server Configuration

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Hello. In this video, you will learn what an Audit Server is and how to configure it.

 

The Audit Server is a service that is responsible for processing backend configurations and also for the web interface in ACDI. In order to get to the Audit Server settings, you need to go to “Administration,” then “Audit Server.” Here are tabs with different settings of the Audit Server. Let's go through them one by one.

server_1.jpg

The settings in this tab include the ID of the ACDI application item, the license you get from SKyPRO, OpenSearch endpoint name, name of the endpoint for open search, and many other service settings.

server_2.jpg

For example, here you can define the FQDN of ACDI if you want to change it and a path where your export data will be stored. This means that if you have a scheduled report the size will be bigger than the configured limit, it will be stored in a folder set in the “Audit Export data” option.

server_3.jpg

You can configure a logo of a company in export files maximum as well as the maximum email file size — the size of documents that can be sent via email.

server_4.jpg

Here are also “Export mail Subject,” ‘Export mail Text,” “Export mail HTML,” and “OpenSearch request size,” which is set by default to 100,000 and can only be extended if you make changes in the appropriate setting in OpenSearch.

server_5.jpg

The ”Maximum JSON object size” setting with the value in megabytes. Also here, “Amount of worker processes,” postprocessing data lifetime limit in seconds, and “ACDI Node name”: if you have one node, the settings value should be left as it’s set by default but in other cases, you'll need to customize it.

server_6.jpg

Let’s look at the “External Configurations” settings panel which contains paths to where different ACDI services are located. If you need to move some of those services to another directory or directories, these settings must be changed.

server_7.jpg

Okay, here is the “ACDI Services List.” AuditProxy is a proxy service.

server_8.jpg

You can learn about the AuditProxy in the ACDI Core Engine video.

server_9.jpg

“Audit Report eDir” is a service that makes a snapshot from eDirectory. Next in the row is the  “Audit Report AD” which serves as the snapshot service for Active Directory. “Audit Export” processes reports and creates files. “Audit Server” — the one and only service responsible for the ACDI web interface.  “OpenSearch,”  “OpenSearch Dashboards” and “Audit DirSync.” “Audit DirSync” is a service that collects and processes event data from Active Directory.

server_10.jpg

Let's go to the next settings tab, namely to the “Day Time format” tab.

server_11.jpg

Here you can define if you want to get dates in a browser-defined format or you can set a time zone for the frontend web interface. You see it in Dashboards, Time Machine, and other ACDI service tabs where dates with time zones are used. Basically, that’s all for this settings tab.

server_12.jpg

These settings are of extreme importance because each one of them contains the so-called - templates and rollovers for indices where the snapshot and audit data are stored.

server_13.jpg

The settings in this tab mirror the settings in Core Engine — “LDAP Connections”.

server_14.jpg

Here you can see that an index has its own unique name, you can configure a type of directory used - eDirectory or Active Directory and other settings for each type of indices: for report indices which contain aliases used for reading and searching data.

server_15.jpg

Okay, you see here “write-report-default-” and it’s a pattern for writing.  “The key attribute” is used for linking objects with audit data. Finally, “Report Index Day-Time pattern”.

server_16.jpg

You can define a time zone for each date-time field you use. These settings will affect dates displayed in Time Machine. There are also “Service Attributes (List of additional attributes)” that are not received from eDirectory or Active Directory, must be requested additionally, and will be removed in the Time Machine. Let's go to the Time Machine to gain a deeper insight into additional attributes.

So, eDirectory is your index source. You see a list of snapshots on this page. Okay, let's move to History Browser, select a random object and the date & time you see here will be affected by the time zone set in the “Service Attributes (List of additional attributes)” settings in Audit Server. If you click “Show Service Attributes,” you’ll get to see additional attributes used by ACDI for internal purposes.

Should you have any questions or require any assistance, please do not hesitate to contact us at any time swsupport.skypro@skypro.ch

  • No labels