On 08/29/2018 08:56 AM, Alexander Bokovoy via FreeIPA-users wrote:
On ke, 29 elo 2018, Quan Zhou via FreeIPA-users wrote:
I have a similar question, should the audit logs be enabled on the
master
or replicas? If it's only enabled on replicas would the date be
consistent
with the actual date of change or just the "date" replication happens?
Each IPA master/replica is standalone with regards to audit logging.
There is no aggregation so if you need all details from everywhere, you
should be configuring aggregation yourself.
since all changes are replicated in the end the audit logs on all
replicas should contain the same set of changes, but the order could be
different.
And there are some changes which are excluded from replication.
And you should be aware that the audit log contains the changes in the
order they are received and applied, but update resolution ensures that
the changes are effective in the order of their creation (tagged by the
csn).
On Wed, Aug 29, 2018 at 7:05 AM Joshua Ruybal via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
Hi,
This is more a question than a problem, however I was unable to find
the
answer anywhere in the documentation.
I've enabled audit logs on one of my three replicated IPA servers. I
noticed that Audit logs are not enabled on either of the other two
servers.
In order to cover all changes to LDAP for auditing purposes, do I
need to
enable and collect audit logs on all three servers?
--
<http://www.owneriq.com/>
*Joshua Ruybal *Systems Engineer
o: 206.607.4944 c: 206.724.4549
e: jru...@owneriq.com
<https://www.linkedin.com/company/owneriq-inc->
<https://www.facebook.com/OwnerIQ> <https://twitter.com/owneriq>
<https://www.instagram.com/owneriq_inc> <http://www.owneriq.com/blog/>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
--
Regards,
Quan Zhou
E271C0D1BD90012B8D8EECF6F822BC9F8E1C35C8
quanzhou...@gmail.com
https://keybase.io/qzhou
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
--
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric
Shander
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
