Environment
Novell Audit 2.0.2 iManger - queries
Novell Audit 2.0.2
Novell iManager 2.5
Novell iManager 2.6
Situation
In iManager going to Auditing and Logging: Queries allows the
administrator to run queries directly against a database where
Audit events are stored. There are four default queries and
others can be defined by the user. Changing instances of
iManager means the queries must be re-created for the same queries
to work on all systems.
Resolution
The Queries are stored in the filesystem where iManager is
located. The XML-based file is located at the following
location relative to the base of iManager:
*nix: /var/opt/novell/iManager/nps/WEB-INF/config/NDS-queryconfig/
Mobile/Workstation iManager: ./iManager/tomcat/webapps/nps/WEB-INF/config/NDS-queryconfig/
NetWare: sys:/tomcat/4/webapps/nps/WEB-INF/config/NDS-queryconfig/
Inside this directory is a file named nauditQueryConfig.xml which contains the database settings as well as the queries defined for that database. This file can be moved from server to server so they all have the same settings. This file is not encrypted so care should be taken if the password is stored.
A new MySQL user should be used with just read rights to prevent the manipulation of Audit data.
*nix: /var/opt/novell/iManager/nps/WEB-INF/config/NDS
Mobile/Workstation iManager: ./iManager/tomcat/webapps/nps/WEB-INF/config/NDS
NetWare: sys:/tomcat/4/webapps/nps/WEB-INF/config/NDS
Inside this directory is a file named nauditQueryConfig.xml which contains the database settings as well as the queries defined for that database. This file can be moved from server to server so they all have the same settings. This file is not encrypted so care should be taken if the password is stored.
A new MySQL user should be used with just read rights to prevent the manipulation of Audit data.