How do I enable logging in Group Policy Guardian? (NETIQKB44508)

  • Document ID:7744508
  • Creation Date:02-Feb-2007
  • Modified Date:15-Mar-2013
    • Micro Focus Products:
      Change Guardian

Environment

NetIQ Group Policy Guardian 1.6
NetIQ Group Policy Guardian 2.0
NetIQ Group Policy Guardina 2.0 SP1

Resolution

Goal
How do I enable logging in Group Policy Guardian?

Goal
Does GPG have any logging capability?

Goal
How can I get audit information from Group Policy Guardian?

Fact
NetIQ Group Policy Guardian 1.6
NetIQ Group Policy Guardian 2.0
NetIQ Group Policy Guardina 2.0 SP1

Fix

To enable or increase the logging for Group Policy Guardian 2.0:

  1. Access the registry key HKLM\SOFTWARE\FullArmor\FAZAM GP Auditing\Logging. Under the registry key, there are sub-keys for each piece of the GPG application (AuditingService, ControlService, EventAudit, Reporting).
  2. Using the sub-keys "TraceLevel" string value, specify the location and detail level of the logs. The maximum value that provides the most detailed information is 9 for all logs except reporting. The reporting log entry can be increased to 10. By default, most logs are stored in the \Documents and Settings\All Users\Application Data\NetIQ\GPG directory. There are additional logs under Documents and Settings\All Users\Application Data\NetIQ\GPG\DB, including an Install.log file with the output of the database scripts that are executed during the install.
  3. Restart the console and services to pick up the changes. 
  4. If you have made changes to reporting logging, restart the IIS server using Internet Services Manager.

To enable or increase the logging for Group Policy Guardian 1.6:

  1. Get the latest EventAudit.exe.
  2. Create a directory temp under C:\ before restarting the service.
  3. Create the DebugTrace key under HKLM\Software\FullArmor\FAZAM GP Auditing.
  4. To enable tracing, the verbosity value under DebugTrace should be set to 2.
  5. Run EventAudit.exe to generate the EventAudit.log file in the C:\temp directory. 

Adding the following XML to the faAuditingService.exe.config inside the configuration tab will also create the log file with Auditing services logging.

<system.diagnostics>
<trace autoflush="true">
<listeners>
<add name="LogFile" type="System.Diagnostics.TextWriterTraceListener" initializeData="C:\temp\faAuditingService.exe.log"/>
<remove name>
<listeners>
<trace><system.diagnostics>

Note

Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. NetIQ Technical Support cannot guarantee that problems resulting from the incorrect use of the Registry Editor can be resolved. Make sure that you back up your Registry prior to making any changes.

Additional Information

Formerly known as NETIQKB44508