Environment
NetIQ Privileged Account Manager
Situation
How to enable the client log for forked processes
Logs generated by the forked processes will not be present in the standard unifid.log
The client log can be enabled to capture events for these forked processes
How to capture logs for client connections not captured in the unifid.log
Example of forked client processes: sshrelay, rdprelay.
Resolution
- Edit /opt/netiq/npum/config/unifi.xml and add the following line as a child of the <Unifi> tag:
<ClientLog level="trace" file="logs/client.log" max_size="10"/>
Note: Restarting the NPUM service is optional after adding this line.
- Retry the client-type connection or session so that the log is generated and capture begins.
The log is written to the following location:
/opt/netiq/npum/logs/client.log
C:\Program Files\Netiq\npum\logs\client.log
Note: Any new client sessions that occur on this server will be logged here.
- When finished, disable the client log so that unnecessary logging does not consume disk space.
Either remove the line added in Step 1 above or enclose it in an XML comment:
<!-- <ClientLog level="trace" file="logs/client.log" max_size="10"/> -->
Then restart the PAM service for the settings to be picked up.
Additional Information
The following is an example of where this client log tag can be placed:
<Unifi db_sync="1" service_name="npum">
<ClientLog level="trace" file="logs/client.log" max_size="10"/>
<Worker min="5" smax="20" hmax="60" ttl="60" stacksize="1048576" guardsize="0"/>
<Handler base="service/local">
<Engine type="dso" lib="spf_dso"/>
<Engine type="perl" lib="spf_perl"/>
</Handler>
<SSL b.changed="1" i.reneg_dos_protection="0"/>
<Log rollover="D1" I.max_size="250" level="debug" file="logs/unifid.log">
<Script/>
</Log>
</Unifi>
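The enable and disable steps from the Resolution section can be scripted so that the trace log is not left on by accident. The following is an added example, not NetIQ code: the function names are hypothetical, the functions operate on the text of unifi.xml, and restarting the service is left to the operator.

```python
import re
import xml.etree.ElementTree as ET

# Element text taken from the Resolution section above.
CLIENT_LOG = '<ClientLog level="trace" file="logs/client.log" max_size="10"/>'
# Matches either a whole XML comment or an uncommented ClientLog element.
COMMENT_OR_TAG = re.compile(r'<!--.*?-->|<ClientLog\b[^>]*/>', re.S)
COMMENTED_TAG = re.compile(r'<!--\s*(<ClientLog\b[^>]*/>)\s*-->')
UNIFI_OPEN = re.compile(r'<Unifi\b[^>]*>')

def active_client_logs(text):
    """Count uncommented ClientLog elements that are direct children of <Unifi>."""
    root = ET.fromstring(text)  # also rejects malformed XML
    if root.tag != "Unifi":
        raise ValueError("root element is not <Unifi>")
    return len(root.findall("ClientLog"))

def enable_client_log(text):
    """Uncomment an existing ClientLog line, or add one right after <Unifi ...>."""
    if active_client_logs(text):
        return text  # already enabled, nothing to do
    if COMMENTED_TAG.search(text):
        out = COMMENTED_TAG.sub(lambda m: m.group(1), text, count=1)
    else:
        end = UNIFI_OPEN.search(text).end()
        out = text[:end] + "\n" + CLIENT_LOG + text[end:]
    if active_client_logs(out) != 1:
        raise ValueError("ClientLog did not become a child of <Unifi>")
    return out

def disable_client_log(text):
    """Wrap every uncommented ClientLog element in an XML comment."""
    def wrap(m):
        s = m.group(0)
        return s if s.startswith("<!--") else "<!-- " + s + " -->"
    out = COMMENT_OR_TAG.sub(wrap, text)
    if active_client_logs(out) != 0:
        raise ValueError("an active ClientLog element remains")
    return out

# Constructed sample: the page's example unifi.xml, abridged, without ClientLog.
SAMPLE = """<Unifi db_sync="1" service_name="npum">
<Worker min="5" smax="20" hmax="60" ttl="60" stacksize="1048576" guardsize="0"/>
<Log rollover="D1" I.max_size="250" level="debug" file="logs/unifid.log"><Script/></Log>
</Unifi>"""

if __name__ == "__main__":
    on = enable_client_log(SAMPLE)
    print(active_client_logs(on), active_client_logs(disable_client_log(on)))
```

Both functions are idempotent, so running the disable step against a file that is already commented out leaves it unchanged.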