206 Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0
logflush Defines frequency with which the server forces a flush of
the audit trail file buffers. Depends of the value; behavior
is similar to flush_interval parameter in the log file agent.
This approach is comparable to the logcfg entry with a file agent. For example, to
capture authentication events, the configuration file entries could be set as
follows:
[aznapi-configuration]
logaudit = yes
auditcfg = authn
auditlog = /var/pdweb/log/audit.log
logsize = 2000000
logflush = 20
If you are still using the logaudit approach, consider using either the logcfg
approach or the Common Auditing Service. The logcfg approach provides
additional configuration options, such as buffer size and event queues, and the
ability to use the console, pipe, and remote log agents.
6.1.3 WebSEAL HTTP logging
WebSEAL maintains the following HTTP log files that record HTTP activity:
request.log The request.log records HTTP request information, such
as the URL that was requested and client data (for
example, IP address).
agent.log The agent.log file records the contents of the User_Agent:
header in the HTTP request. This log reveals information
about the client browser, such as architecture or version
number, for each request.
referer.log The referer.log records the Referer: header of the HTTP
request. For each request, the log records the document
that contained the link to the requested document. The
log uses the following format:
referer
→
object
This information is useful for tracking external links to
documents in your Web space. The log reveals that the
source indicated by referer contains a link to a page
(object). This log allows you to track stale links and to find
out who is creating links to your documents.
By default, these log files are located in the following directory:
Linux and UNIX operating systems /var/pdweb/www-default/log
Windows operating systems C:\Program Files\Tivoli\PDWeb\www-default\log