Server Audit Capabilities
You can audit IBM® Security Verify Directory Integrator events. Notifications are created for each event. You can know more about the audit capabilities through the information provided here.
The IBM® Security Verify Directory Integrator Audit Component enables the IBM® Security Verify Directory Integrator Server to audit events such as authentication and authorization in the Server API.
Notifications are generated when authentication and authorization (auth*) events occur. Audit data is packaged into an Entry and provided as user data in the notification. The "Audit Service" consists of a separate Audit config that is automatically loaded by the IBM® Security Verify Directory Integrator server. The Audit config contains auto-started Audit AssemblyLines. The Audit ALs iterate on the notification connector using suitable filters. IBM® Security Verify Directory Integrator users can even generate "user defined notifications" if they want to create audit events from within their own code.
IBM® Security Verify Directory Integrator auditing contains two main parts:
- A way for generating the necessary audit information
- An "Audit service" for handling existing audit data
Generating necessary audit information is implemented by creating IBM® Security Verify Directory Integrator Entries on each audit point in the Server API, and by broadcasting these Entries wrapped in a notification. For this purpose a new class is presented in the Server API (com.ibm.di.api.APIAuditor), that generates the Entry, attaches the Entry as UserData to a notification, and sends it to all interested listeners.
The "Audit Service" is the main consumer of the audit notifications. The Audit Service is a config consisting of several ALs that iterate on the Notification Connector. Using different filters can register to a variety of notification types.
- Auditing scope
Only those events can be considered for auditing which pass the listed criteria. - Suppression of notifications
You can know more about suppression of notifications, commands to generate the suppressed event types, method to do the same through the information provided here. - Sending notifications
You can deliver a notification to every registered Listener. Here is a list of notification delivery parameters.