AD Bridge Event Logging

The BeyondTrust AD Bridge product enables you to attach Unix and Linux computers to a Microsoft Active Directory domain and manage them using Group Policies. Endpoint Privilege Management for Unix and Linux can send information about certain events to AD Bridge for logging and reporting purposes. The settings in this section enable and configure the sending of event information to AD Bridge.

loadpbislibs

Version 6.2 and earlier:loadpbislibs setting not available.
Version 7.0 and later: loadpbislibs setting available.

The loadpbislibs setting loads the shared AD Bridge library at runtime, regardless of the value of the pbis_event_logging setting, provided that the sharedlibpbisdependencies setting is set with valid values and not set to none.

loadpbislibs yes

Default

loadpbislibs no

Used On

Submit hosts
Run hosts
Policy server hosts
Log hosts

pbis_event_logging

Version 6.2 and earlier: pbis_event_logging setting not available.
Version 7.0 and later: pbis_event_logging setting available.

The pbis_event_logging setting controls the writing of Endpoint Privilege Management for Unix and Linux events (Accept, Reject, Finish, and Keystroke Action) to the AD Bridge event log database. A value of yes enables sending event information to AD Bridge and a value of no disables sending event information to AD Bridge. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_event_logging yes

Default

pbis_event_logging no

Used On

Policy server hosts
Log hosts

pbis_log_connect_success

Version 6.2 and earlier: pbis_log_connect_success setting not available.
Version 7.0 and later: pbis_log_connect_success setting available.

The pbis_log_connect_success setting enables the sending of successful-connection events (to log hosts and policy server hosts) to the AD Bridge event log database. It also controls the posting of an event to AD Bridge if the policy server host is able to connect to the run host. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_log_connect_success yes

Default

pbis_log_connect_success no

Used On

Policy server hosts
Submit hosts
Run hosts

pbis_log_failover

Version 6.2 and earlier: pbis_log_failover setting not available.
Version 7.0 and later: pbis_log_failover setting available.

The pbis_log_failover setting enables the sending of policy server host and log host failover events to the AD Bridge event log database. It also controls the posting of an event to AD Bridge if the policy server host finds the run host unresponsive. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_log_failover yes

Default

pbis_log_failover no

Used On

Policy server hosts
Submit hosts
Run hosts

sharedlibpbisdependencies

Version 6.2 and earlier:sharedlibpbisdependencies setting not available.
Version 7.0 and later:sharedlibpbisdependencies setting available.

The sharedlibpbisdependencies setting specifies the shared libraries that are used to send event information to the AD Bridge event log. When set to none or when not set at all, no event information is sent to AD Bridge. If libraries are specified but they fail to load properly, Endpoint Privilege Management for Unix and Linux records an error message and continues to operate without sending event information to AD Bridge.

sharedlibpbisdependencies
/opt/pbis/lib/libeventlog_norpc.so.0.0.0 /opt/pbis/lib/liblwbase_nothr.so.0.0.0

Default

The default value depends on the Endpoint Privilege Management for Unix and Linux flavor and is determined at installation. You can change the value of this setting while running the Endpoint Privilege Management for Unix and Linux installer or by modifying the pb.settings file after installation.

Used On

Policy server hosts
Log hosts
Submit hosts
Run hosts