Previous Page

|

Next Page

Administering Logging for SAS Servers

About Metadata Server Loggers

The logging facility includes loggers for the following categories of events that are specifically related to the SAS Metadata Server:

• security auditing events

• metadata server and metadata repository management events

• change management events

• input and output events

• performance-related events

The initial logging configuration is set up to log these event categories, except for performance-related events, at the INFO, WARN, ERROR and FATAL levels. The loggers are as follows:

App.Meta

is the parent logger for metadata server events. Logging levels that are defined for this logger are inherited by its child loggers (including App.Meta.CM, App.Meta.IO, and App.Meta.Mgmt) unless they are explicitly overridden.

App.Meta.CM

logs change management events including check-in and check-out.

App.Meta.IO

logs low-level input and output activity.

App.Meta.Mgmt

logs metadata server management activity such as the following:

• server operation actions such as pause, resume, and refresh

• creating and deleting repositories

• modifying repository access modes

• repository backup and migration

If you want to capture these events in the operating system facility, see Capture Metadata Server Management Events in the System Facility Appender.

Audit.Meta.Security

is the parent logger for metadata server security events. No events are written directly to this logger. Logging levels that are defined for this logger are inherited by its child loggers (for example, Audit.Meta.Security.AccCtrlAdm) unless the levels are explicitly overridden.

Audit.Meta.Security.AccCtrlAdm

logs changes to permissions, permission settings, and access control templates (ACTs); and changes to passwords for objects such as tables and connections (including adding, deleting, and modifying passwords, as well as failed attempts to perform these actions).

Audit.Meta.Security.GrpAdm

logs changes to group or role membership (including adding and removing members, and failed attempts to perform these actions).

Audit.Meta.Security.UserAdm

logs changes to users, groups, roles, logins, and authentication domains (including adding, deleting, and modifying these objects, as well as failed attempts to perform these actions).

Perf.Meta

logs performance-related events. This information previously was available through the OMA_ARM subsystem.

The following are examples of security auditing messages.

2008-07-22T14:22:14,222 INFO  [00222108] 2504:User123@saspw - Added 
IdentityType=Person  Name=Test User, ObjId=A5LL3EE0.AN00000D. 

2008-07-22T14:22:14,222 INFO  [00222108] 2504:User123@saspw - Added Member 
IdentityType=Person  Name=Test User, ObjId=A5LL3EE0.AN00000D to IdentityGroup  
Name=BI Dashboard Users, ObjId=A5LL3EE0.A300000O. 

2008-07-22T14:22:14,222 INFO  [00222108] 2504:User123@saspw - Added Login with 
UserId=Test User, ObjId=A5LL3EE0.AQ00000F, AuthDomain=DefaultAuth to 
IdentityType=Person Name=Test User, ObjId=A5LL3EE0.AN00000D.

These messages record the addition of a new user identity (Test User), the addition of the user to the BI Dashboard Users group, and the creation of a login for the user. Each message includes:

• the event date and time

• the logging level

• the thread identifier (in brackets)

• the client ID

• the user identity that is associated with the current thread or task

• the generated message, preceded by a hyphen

Note:   The metadata server also generates performance counters. For details, see Using the Server Performance Counters and Information Fields.  

Previous Page

|

Next Page

|

Top of Page

Copyright © 2011 by SAS Institute Inc., Cary, NC, USA. All rights reserved.