Set an audit level

The pop modify set audit-level command specifies the granularity level of auditing for a POP.

For example, auditing might be set to record unsuccessful events. You can use the results to detect an unusual number of failed access attempts on a particular resource.

Auditing records are written in a standard Extensible Markup Language (XML) format that allows easy parsing to extract whatever information is required. For example:

pdadmin sec_master> pop modify pop_name set audit-level permit,deny

Table 1. Audit levels
Value	Description
`permit`	Audit all requests on a protected object that result in successful access.
`deny`	Audit all requests on a protected object that result in denial of access.
`error`	Audit all internally generated error messages that result from a denial of access to the protected object.

You can apply any combination of these values or specify either all to audit all requests or none to audit no requests. When enabling granular auditing, specify one or more of the following values:

permit
deny
error

When you specify multiple granular values, use a comma as a separator character between these values.

See IBM Verify Identity Access for Web: Command Reference.