Log forwarding on PAMSC server 14.1
search cancel

Log forwarding on PAMSC server 14.1

book

Article ID: 235531

calendar_today

Updated On:

Products

CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction


On ENTM PIM 12.9.1 we have an AC and UNAB logs forwarding to log server.

How can I configure the similar feature for PAMSC 14.1 server ? 

Environment

Release :

Component : PAMSC 14.1

Cause

In Enterprise Management Server you have the option to define an external syslog server

You got to the Graphical interface

System 
CA User Activiry Reporting
  Manage Audit Forwarder

You can indicate here a Remote syslog

Resolution

In PAMSC 14.x, we don't have event forwarder implementation, so we cannot configure syslog server in ENTM and forward the events in CEF format.

However, we gave the option for the customer to take the log file and use it (we store the data in the log file as mentioned in the below path).

This is only for PAMSC, for PIM we don't log this way as we have Event_forwarder service.


For PAMSC 14.1 we log at - <WILDFLY_HOME>\log\CM_events.log
For PAMSC 14.0 we log at - <JBOSS_HOME>\log\CM_events.log

Only PIM 14 can communicate with the 12.x agents since it includes the tibco bridge.

PAM SC releases do not have the bridge, we cannot get audit events from older endpoint versions 12.8.x or 12.9.x.