diff options
author | Andrew Bartlett <abartlet@samba.org> | 2021-04-16 10:43:07 +1200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2021-05-03 08:17:13 +0000 |
commit | 8feeac11f7e4453bc3c5f826ba2694ea9937b430 (patch) | |
tree | 91ad7c885854f2a3073e6be142d470e32c7635c4 /docs-xml | |
parent | 83c39f1e4ee15ba4660a102b487eb4a44d6084dd (diff) | |
download | samba-8feeac11f7e4453bc3c5f826ba2694ea9937b430.tar.gz |
docs: Expand the "log level" docs on audit logging
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 38fe888f95f8d22736080ed521939be932e7bca0)
Diffstat (limited to 'docs-xml')
-rw-r--r-- | docs-xml/smbdotconf/logging/loglevel.xml | 38 |
1 files changed, 33 insertions, 5 deletions
diff --git a/docs-xml/smbdotconf/logging/loglevel.xml b/docs-xml/smbdotconf/logging/loglevel.xml index 6ee9cdceb87..4c6bb5e7e73 100644 --- a/docs-xml/smbdotconf/logging/loglevel.xml +++ b/docs-xml/smbdotconf/logging/loglevel.xml @@ -84,25 +84,53 @@ <listitem><para>5: Anonymous Authentication and Authorization Success</para></listitem> </itemizedlist> - <para>Changes to the <command moreinfo="none">sam.ldb</command> + <para>Changes to the AD DC <command moreinfo="none">sam.ldb</command> database are logged under the <parameter>dsdb_audit</parameter> and a JSON representation is logged under <parameter>dsdb_json_audit</parameter>.</para> - <para>Group membership changes to the <command + <para>Group membership changes to the AD DC <command moreinfo="none">sam.ldb</command> database are logged under the <parameter>dsdb_group_audit</parameter> and a JSON representation is logged under <parameter>dsdb_group_json_audit</parameter>.</para> - <para>Password changes and Password resets are logged under - <parameter>dsdb_password_audit</parameter> and a JSON representation is logged under the - <parameter>dsdb_password_json_audit</parameter>.</para> + <para>Log levels for <parameter>dsdb_audit</parameter>, + <parameter>dsdb_json_audit</parameter>, + <parameter>dsdb_group_audit</parameter>, + <parameter>dsdb_group_json_audit</parameter> and + <parameter>dsdb_json_audit</parameter> are:</para> + <itemizedlist> + <listitem><para>5: Database modifications</para></listitem> + <listitem><para>5: Replicated updates from another DC</para></listitem> + </itemizedlist> + + <para>Password changes and Password resets in the AD DC are logged + under <parameter>dsdb_password_audit</parameter> and a JSON + representation is logged under the + <parameter>dsdb_password_json_audit</parameter>. Password changes + will also appears as authentication events via + <parameter>auth_audit</parameter> and + <parameter>auth_audit_json</parameter>.</para> + + <para>Log levels for <parameter>dsdb_password_audit</parameter> and + <parameter>dsdb_password_json_audit</parameter> are:</para> + <itemizedlist> + <listitem><para>5: Successful password changes and resets</para></listitem> + </itemizedlist> <para>Transaction rollbacks and prepare commit failures are logged under the <parameter>dsdb_transaction_audit</parameter> and a JSON representation is logged under the <parameter>dsdb_transaction_json_audit</parameter>. </para> + <para>Log levels for <parameter>dsdb_transaction_audit</parameter> and + <parameter>dsdb_transaction_json</parameter> are:</para> + + <itemizedlist> + <listitem><para>5: Transaction failure (rollback)</para></listitem> + <listitem><para>10: Transaction success (commit)</para></listitem> + </itemizedlist> + <para>Transaction roll-backs are possible in Samba, and whilst they rarely reflect anything more than the failure of an individual operation (say due to the add of a conflicting record), |