AD Bridge Event Logging

The BeyondTrust AD Bridge product enables you to attach Unix and Linux computers to a Microsoft Active Directory domain and manage them using Group Policies. Privilege Management for Unix and Linux can send information about certain events to AD Bridge for logging and reporting purposes. The settings in this section enable and configure the sending of event information to AD Bridge.

loadpbislibs

  • Version 6.2 and earlier:loadpbislibs setting not available.
  • Version 7.0 and later: loadpbislibs setting available.

The loadpbislibs setting loads the shared AD Bridge library at runtime, regardless of the value of the pbis_event_logging setting, provided that the sharedlibpbisdependencies setting is set with valid values and not set to none.

loadpbislibs yes
loadpbislibs no
  • Submit hosts
  • Run hosts
  • Policy server hosts
  • Log hosts

pbis_event_logging

  • Version 6.2 and earlier: pbis_event_logging setting not available.
  • Version 7.0 and later: pbis_event_logging setting available.

The pbis_event_logging setting controls the writing of Privilege Management for Unix and Linux events (Accept, Reject, Finish, and Keystroke Action) to the AD Bridge event log database. A value of yes enables sending event information to AD Bridge and a value of no disables sending event information to AD Bridge. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_event_logging yes
pbis_event_logging no
  • Policy server hosts
  • Log hosts

pbis_log_connect_success

  • Version 6.2 and earlier: pbis_log_connect_success setting not available.
  • Version 7.0 and later: pbis_log_connect_success setting available.

The pbis_log_connect_success setting enables the sending of successful-connection events (to log hosts and policy server hosts) to the AD Bridge event log database. It also controls the posting of an event to AD Bridge if the policy server host is able to connect to the run host. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_log_connect_success yes
pbis_log_connect_success no
  • Policy server hosts
  • Submit hosts
  • Run hosts

pbis_log_failover

  • Version 6.2 and earlier: pbis_log_failover setting not available.
  • Version 7.0 and later: pbis_log_failover setting available.

The pbis_log_failover setting enables the sending of policy server host and log host failover events to the AD Bridge event log database. It also controls the posting of an event to AD Bridge if the policy server host finds the run host unresponsive. For this setting to have any effect, the sharedlibpbisdependencies setting must be set with valid values and not set to none.

pbis_log_failover yes
pbis_log_failover no
  • Policy server hosts
  • Submit hosts
  • Run hosts

sharedlibpbisdependencies

  • Version 6.2 and earlier:sharedlibpbisdependencies setting not available.
  • Version 7.0 and later:sharedlibpbisdependencies setting available.

The sharedlibpbisdependencies setting specifies the shared libraries that are used to send event information to the AD Bridge event log. When set to none or when not set at all, no event information is sent to AD Bridge. If libraries are specified but they fail to load properly, Privilege Management for Unix and Linux records an error message and continues to operate without sending event information to AD Bridge.

sharedlibpbisdependencies
/opt/pbis/lib/libeventlog_norpc.so.0.0.0 /opt/pbis/lib/liblwbase_nothr.so.0.0.0

The default value depends on the Privilege Management for Unix and Linux flavor and is determined at installation. You can change the value of this setting while running the Privilege Management for Unix and Linux installer or by modifying the pb.settings file after installation.

  • Policy server hosts
  • Log hosts
  • Submit hosts
  • Run hosts