I know how to send Audit events from IDM policy. Now I'm curious to know
if anybody's tried to send syslog events directly, rather than going
through Audit.

A quick Google search turns up some public java implimentations of
syslog, like:

http://protomatter.sourceforge.net/l...e-summary.html

that look like they might work. There are also some references to doing
syslog with log4j, but I haven't spotted any actual implimentations of
this yet.

Why? Well, because it looks like I may be tasked with reporting IDM
events to a centralized logging and auditing server here, which is
currently not looking like it's going to be a Novell product, but looks
like it will take syslog events. The only way to get syslog events out
of Novell Audit is to buy the full package. Not that the full package
might not be good or whatever, but having to buy, build, and maintain an
auditing system (Audit) whos only purpose in life is to take Audit
events and turn them in to Syslog events seems redundant (and may be an
expensive non-starter).

I don't know for sure yet if this is going to come to pass. I'm
investigating my options, so that I'll be ready when (if) it does.



---------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu

I'm tired of receiving rubbish in my mailbox, so the E-mail address is
munged to foil the junkmail bots. Humans will figure it out on their own.