5. Verifying generation of audit messages

  • Restart Server

The audit log can be viewed through a text editor.

  • Go to <profile_root>/logs/<server_name> directory and open the file with the name
    • BinaryAudit_<cell_name>_<node_name>_<server_name>.log



Note: Every event starts with a sequence number.

The event type is displayed next. The fields are separated by a “|” character. This is hard to read, but easy to grep.



Now let us generate a security event and check the audit log.

  • Logout of the console
  • Try to Login with an incorrect user name, say “hacker”



A security event should be generated and written to the log file.

Open the log file again and check.



Leave a Reply