Enhanced TEXT Auditing Feature in SiteMinder Policy Server

Article ID: 54446

Products

SITEMINDER

Issue/Introduction

By default, the SiteMinder Policy Server is configured to audit to a text file. However, the amount of data written to a text file by default is less than the amount written to an ODBC Audit Store DB.

Default Audit Fields in the "smaccess.log" file:

Event
Hostname
Time
ClientIp
UserName
AgentName
Action
Resource
SessionId
ReasonStatusMsg

Default Audit Fields in an ODBC Audit Store DB:

       sm_timestamp
       sm_categoryid
       sm_eventid 
       sm_hostname
       sm_sessionid
       sm_username
       sm_agentname
       sm_realmname
       sm_realmoid
       sm_clientip
       sm_domainoid
       sm_authdirname
       sm_authdirserver
       sm_authdirnamespace
       sm_resource
       sm_action
       sm_status
       sm_reason
       sm_transactionid
       sm_domainname
       sm_impersonatorname
       sm_impersonatordirname
       sm_assertion_id
       sm_assertion_issuerid
       sm_assertion_destinationurl
       sm_assertion_statuscode
       sm_assertion_NotOnBefore
       sm_assertion_notonorafter
       sm_assertion_sess_starttime
       sm_assertion_sess_notonorafter
       sm_assertion_authcontext
       sm_assertion_versionid
       sm_assertion_claims
       sm_application_name
       sm_tenant_name
       sm_authentication_method
       sm_devicehash    
       sm_deviceid
       sm_userrefid

Environment

PRODUCT: SiteMinder

VERSION: r12.8.x

COMPONENT: Policy Server

FEATURE: User Auditing

Resolution

The amount of data audited to a text file can be configured using the "Enable Enhance Tracing" registry key in the SiteMinder Registry.

Windows:

1) Log on to the Policy Server and run 'regedit.exe' with elevated privileges (Run As Administrator).

2) Browse to the following registry hive:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Reports

3) Add the following key:

NAME: Enable Enhance Tracing

TYPE: DWORD
VALUE: <0|1|2|3|4>

"Enable Enhance Tracing" values:

0 – Disables enhanced auditing
1 – Enables enhanced auditing
2 – Logs assertion attributes
3 – Logs assertion attributes and the authentication method that authenticates a user accessing a resource.
4 – Logs assertion attributes, the authentication method and Enhanced Session Assurance with DeviceDNA™ information

LINUX:

1) Log on to the Policy Server

2) Browse to the following path:

<Install_Dir>/siteminder/registry/sm.registry

3) Open "sm.registry" with a text editor

4) Locate the following registry hive:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Reports

5) Add the following key:

NAME: Enable Enhance Tracing

TYPE: REG_DWORD
VALUE: <0|1|2|3|4>

"Enable Enhance Tracing" values:

0 – Disables enhanced auditing
1 – Enables enhanced auditing
2 – Logs assertion attributes
3 – Logs assertion attributes and the authentication method that authenticates a user accessing a resource.
4 – Logs assertion attributes, the authentication method and Enhanced Session Assurance with DeviceDNA™ information

EXAMPLE: 

Enable Enhance Tracing= 1;                    REG_DWORD

6) Save Changes

7) Restart the Policy Server
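
To confirm the setting on a Linux Policy Server after the change, the following added example (not vendor code and not part of the original article) reads "Enable Enhance Tracing" under the Reports key of an sm.registry file and checks it against a required minimum level. The function names, the sample file contents, the Decoy key and the "=<number>" suffix on key lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not vendor code: read "Enable Enhance Tracing" from an
# sm.registry file and check it against a required minimum level.
REPORTS_KEY='HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Reports'

# Print the level configured under the Reports key, or "unset" if absent.
# Assumptions: a line starting with HKEY_ opens a key (an optional "=<number>"
# suffix is ignored) and values use the "Name= value; TYPE" layout shown above.
enhanced_tracing_level() {
    KEY="$REPORTS_KEY" awk '
        /^HKEY_/ {
            name = $0
            sub(/=.*$/, "", name)
            sub(/[ \t\r]+$/, "", name)
            in_reports = (name == ENVIRON["KEY"])
            next
        }
        in_reports && /^[ \t]*Enable Enhance Tracing[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)   # drop the name and "="
            sub(/[ \t]*;.*$/, "", v)      # drop "; REG_DWORD"
            sub(/[ \t\r]+$/, "", v)
            sub(/^0[xX]/, "", v)          # accept 0x1 as well as 1 (same for 0-4)
            level = v; found = 1
        }
        END { print (found ? level : "unset") }
    ' "$1"
}

# Succeed only when the level is 0-4 and at least the required minimum ($2).
audit_level_at_least() {
    level=$(enhanced_tracing_level "$1")
    case "$level" in
        [0-4]) [ "$level" -ge "$2" ] ;;
        *)     return 1 ;;  # unset or unexpected: treat as not compliant
    esac
}

# Constructed sample file; the first key is a decoy to show key scoping.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Decoy=1001
Enable Enhance Tracing= 4;                    REG_DWORD
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Reports=1002
Enable Enhance Tracing= 1;                    REG_DWORD
EOF
echo "level: $(enhanced_tracing_level "$SAMPLE")"
audit_level_at_least "$SAMPLE" 3 || echo "below level 3: authentication method is not logged"
```

On a real server, pass <Install_Dir>/siteminder/registry/sm.registry to the functions instead of the sample file.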

Additional Information

Enhanced Auditing

Audit Data Import Tool for ODBC

EscapeAuditFields