When you secure applications, it is important to monitor, or audit, the effectiveness of your security. One way to do this is to configure the system to log certain types of messages. Then you can monitor the logs to see if anything of interest or concern has occurred.
To configure user audit logs, use the ObjectServer properties or command-line options described in the following table.
| Property | Command-line option | Description |
|---|---|---|
| Sec.AuditLog string | -secauditlog string | Specifies the file to which audit information is written. The default is $NCHOME/omnibus/log/servername/audit.log. |
| Sec.AuditLevel string | -secauditlevel string | Specifies the level of security auditing performed. Possible values are debug, info, warn, and error. The default is warn. The debug and info levels generate messages for authentication successes and failures, while warn and error generate messages for authentication failures only. |
As part of your security process, check your logs frequently.