Directory Services 7.4.3

CSV File Access Log Publisher (DEPRECATED)

DEPRECATED for removal since 7.2.0: The Audit Event Handlers are deprecated. Alternative: Convert JSON logs to CSV.

CSV File Access Log Publishers publish access messages to CSV files.

Parent

The CSV File Access Log Publisher object inherits from Common Audit Access Log Publisher.

Dependencies

CSV File Access Log Publishers depend on the following objects:

CSV File Access Log Publisher properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

csv-delimiter-char
enabled
filtering-policy
key-store-file
key-store-pin
log-controls
log-directory
log-field-blacklist
log-file-name-prefix
retention-policy
rotation-policy
tamper-evident

asynchronous
auto-flush
csv-eol-symbols
csv-quote-char
java-class
signature-time-interval
suppress-internal-operations
suppress-synchronization-operations

Basic properties

Use the --advanced option to access advanced properties.

csv-delimiter-char

Synopsis

The delimiter character to use when writing in CSV format.

Default value

,

Allowed values

The delimiter character to use when writing in CSV format.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

enabled

Synopsis

Indicates whether the Log Publisher is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

filtering-policy

Synopsis

Specifies how filtering criteria should be applied to log records.

Default value

no-filtering

Allowed values

  • exclusive: Records must not match any of the filtering criteria in order to be logged.

  • inclusive: Records must match at least one of the filtering criteria in order to be logged.

  • no-filtering: No filtering will be performed, and all records will be logged.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

key-store-file

Synopsis

Specifies the path to the file that contains the private key information. This may be an absolute path, or a path that is relative to the OpenDJ instance root.

Description

Changes to this property will take effect the next time that the key store is accessed.

Default value

None

Allowed values

A path to an existing file that is readable by the server.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

key-store-pin

Synopsis

Specifies the clear-text PIN needed to access the CSV File Access Log Publisher .

Default value

None

Allowed values

A string.

Multi-valued

No

Required

No

Admin action required

None

Changes to this property will take effect the next time that the CSV File Access Log Publisher is accessed.

Advanced

No

Read-only

No

log-controls

Synopsis

Specifies whether controls with criticality and values will be included in operation log records.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-directory

Synopsis

The directory to use for the log files generated by the CSV File Access Log Publisher. The path to the directory is relative to the server root.

Default value

logs

Allowed values

A path to an existing directory that is readable and writable by the server.

Multi-valued

No

Required

Yes

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

No

Read-only

No

log-field-blacklist

Synopsis

List of fields that the server omits from access log messages.

Description

Valid values for this property are JSON paths for fields present in the log file.

Default value

No message elements are blacklisted by default

Allowed values

A JSON path to an existing object of the access event definition.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-file-name-prefix

Synopsis

File name prefix (without extension) for CSV and JSON file based access log publishers.

Default value

ldap-access

Allowed values

A string.

Multi-valued

No

Required

No

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

No

Read-only

No

retention-policy

Synopsis

The retention policy to use for the CSV File Access Log Publisher .

Description

When multiple policies are used, log files are cleaned when any of the policy’s conditions are met.

Default value

No retention policy is used and log files are never cleaned.

Allowed values

The name of an existing log-retention-policy.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

rotation-policy

Synopsis

The rotation policy to use for the CSV File Access Log Publisher .

Description

When multiple policies are used, rotation will occur if any policy’s conditions are met.

Default value

No rotation policy is used and log rotation will not occur.

Allowed values

The name of an existing log-rotation-policy.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

tamper-evident

Synopsis

Specifies whether the log should be signed in order to detect tampering.

Description

Every log record will be signed, making it possible to verify that the log has not been tampered with. This feature has a significant impact on performance of the server.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

asynchronous

Synopsis

Indicates whether the CSV File Access Log Publisher will publish records asynchronously.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

auto-flush

Synopsis

Specifies whether to flush the writer after every log record.

Description

If the asynchronous writes option is used, the writer is flushed after all the log records in the queue are written.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

csv-eol-symbols

Synopsis

The string that marks the end of a line.

Default value

Use the platform specific end of line character sequence.

Allowed values

The string that marks the end of a line.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

csv-quote-char

Synopsis

The character to append and prepend to a CSV field when writing in CSV format.

Default value

"

Allowed values

The quote character to use when writing in CSV format.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

java-class

Synopsis

The fully-qualified name of the Java class that provides the CSV File Access Log Publisher implementation.

Default value

org.opends.server.loggers.CsvFileAccessLogPublisher

Allowed values

A Java class that extends or implements:

  • org.opends.server.loggers.LogPublisher

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

signature-time-interval

Synopsis

Specifies the interval at which to sign the log file when the tamper-evident option is enabled.

Default value

3s

Allowed values

Uses duration syntax.

Lower limit: 1 milliseconds.

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

suppress-internal-operations

Synopsis

Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

suppress-synchronization-operations

Synopsis

Indicates whether access messages that are generated by synchronization operations should be suppressed.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No