Event type filters collection

The Event type filters panel displays a listing of all configured audit specifications with their unique names, the state of their enablement, and the event types and event outcomes that are specified for each configuration.

To view this administrative console page, click Security > Security Auditing > Event type filters.

Name

The Name field displays the unique name of the event type filter that is being represented.

Enable

The Enable check box species the state of enablement for the filter. This field is represented as a boolean value. A value of true specifies that the enable field associated with the audit specification in the audit.xml is set to true. It does not imply that all configured event factories and service providers will be using this filter. Filters are enabled by default when they are created. Even though it is enabled by default when it is created, the event type filter must be specified for the event factory and the audit service provider before it is actually used,

Filters still need to be configured for each event factory and service provider. A filter that is configured for an event factory or a service provider that has Enabled set to false, will not gather or report data for the events and outcomes defined in that filter.

Events and outcomes

The event types and the event outcomes that are specified by this filter. The specifications are listed in the form event_type:event_outcome and separated by commas if multiple combinations are specified by the event type filter.




Related tasks
Auditing the security infrastructure
Creating security auditing event type filters
Related reference
Security Auditing detail
Event type filter settings
Reference topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 3:36:59 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-express-iseries&topic=usec_sa_evt_collection
File name: usec_sa_evt_collection.html