Logging Variables
Endpoint Privilege Management for Unix and Linux uses logging variables to store both system and task-specific information. Using the Security Policy Scripting Language, the Security Administrator can query this information and use it to make security-related decisions about the current task request.
The following table summarizes the logging variables.
Variable | Description |
event | Specifies the type of Endpoint Privilege Management for Unix and Linux event that is currently logged. This is a global variable. |
eventlog | Contains the absolute path specification for the current Endpoint Privilege Management for Unix and Linux event log. |
exitdate | Contains the completion date for the current task request. |
exitstatus | Contains the task completion code, also called the return code, for the current task request. |
exittime | Contains the time, in HH:MM:SS format, of completion for the current task request. |
forbidkeyaction | Obsolete. Defines the action taken when a forbidden key sequence is entered during the execution of the current request. |
forbidkeypatterns | Obsolete. Defines the forbidden keystroke sequences, patterns, or both. An element in the forbidkeypatterns list represents each forbidden keystroke pattern or sequence. |
i18n_exitdate | Contains the UTF-8 encoded completion date for the current task request. |
i18n_exittime | Contains the UTF-8 encoded completion time for the current task request. |
iolog | Contains that absolute path specification for the current I/O log file. |
logmaximumfailures | Controls the maximum number of log failures for a job. |
lognopassword | Determines whether non-echoed input, such as passwords, is written to the I/O log file when I/O logging is active. |
logomit | Specifies which Endpoint Privilege Management for Unix and Linux variables to omit from the event log. Use this user-defined variable to reduce the disk space that is used by the event log. |
logstderr | Specifies whether error output from the current task request is recorded in the I/O log. |
logstderrlimit | Places a limit on the number of bytes from the standard error stream that Endpoint Privilege Management for Unix and Linux writes to the I/O log at a time. |
logstdin | Specifies whether input from the current task request is logged to the I/O log. |
logstdinlimit | Places a limit on the number of bytes from the standard input stream that Endpoint Privilege Management for Unix and Linux writes to an I/O log at a time. |
logstdout | Specifies whether normal output from the current task request is logged to the I/O log. |
logstdoutlimit | Places a limit on the number of bytes from the standard output stream that Endpoint Privilege Management for Unix and Linux writes to the I/O log at a time. |
passwordloggingprompts |
Specifies the password prompts to be recognized when the lognopassword variable is set. |