XDAS events are no longer being received after applying eDirectory 8.8 SP8 Patch 1

XDAS auditing was previously configured and working on a server.  After applying eDirectory 8.8 SP8 Patch 1, events were no longer being logged for this machine.

 

During the installation of eDirectory 8.8 SP8 Patch 1 the admin is presented with the following prompt:

""novell-AUDTplatformagent" is not installed. Do you want to install it now?"

eDirectory 8.8 SP8 Patch 1 incorrectly attempts to install the platform agent, novell-AUDTplatformagent.x86_64.rpm.  This rpm renames the current /etc/logevent.conf file to /etc/logevent.rpmsave.  It then creates a new /etc/logevent.conf file with the default settings including a host address of 127.0.0.1.

 

To resolve this issue rename  /etc/logevent.rpmsave back to  /etc/logevent.conf.  Then restart the XDAS audit module.

ndstrace -c "unload xdasauditds"
ndstrace -c "load xdasauditds"

 

The intention going forward will be to not include the instrumentation rpm in eDirectory patches.