The Indeed Axidian Log Server component allows recording to record events from all Indeed Certificate Manager CertiFlow servers in a Unified Windows Event Log, Microsoft SQL Database, PostgreSQL or Syslog servers.
| Info |
|---|
The component is installed Install Axidian Log Server on one of Indeed CM the CertiFlow servers or on a separate workstation (in within or outside the domain or outside it). The system requirements for installing the component System requirements are the same as the Indeed CM for Axidian CertiFlow server. |
Installing Axidian Log Server
- Sign Log in to the workstation as a local administrator.
- Install the Indeed Log Server by running Indeed
Run Axidian.LogServer-<version number>.x64.msi
installer (installer. The installer is located in
the IndeedAxidian.Log.Server directory
).
- Copy the following files from IndeedcmSchema.config. file from Axidian.Log.Server directory : To theand move it to C:\inetpub\wwwroot\lsdirectory copy cmSchema.
- Copy eventLogTarget.config, msSqlTarget.config, pgSqlTarget.config and sysLogTarget.config. To the files and move them to C:\inetpub\wwwroot\ls\targetConfigsdirectory copy cmEventLogTarget.config, cmMsSqlTarget.config, cmPgSqlTarget.config and cmSysLogTarget.config.
| Note |
|---|
Indeed Axidian Log Server works with one Read storage (<ReadTargetId>) and with multiple Write storages (<WriteTargets>). |
| Warning |
|---|
IIS role restart is required to To apply changes in configuration files, restart the IIS. |
Configuring event reading and writing
eventsto
theWindows event log
Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) as follows:
In Add the following data in Application section, add:
Code Block language xml firstline 35 <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmEventLogTarget<<ReadTargetId>eventLogTarget</ReadTargetId> <WriteTargets> <TargetId>cmEventLogTarget<<TargetId>eventLogTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>
In the Targets section add Add a new element in Targets section:
Code Block language xml <Targets> <Target Id="cmEventLogTargeteventLogTarget" Type="eventlog"/> </Targets>
- Save the changes and close the configuration file.
Configuring event reading and writing in MS SQL
The database for storing Indeed used as data storage for Axidian Log Server data should be is created manually, and is filling . The database contents are populated automatically.
- Create a database with an arbitrary name in the SQL Management Studio environmentStudio environment:
- In the Object Explorer right-click the Databases tab.
- Select New database... item from the context menu .
- Specify the Database name: , e.g., LogServer.
In the Owner: field , define the database owner of the database being created.
Info Create a new account (say, servicesqle.g. cfServiceSql) or use any internal SQL account or Active Directory account (e.g., service account to be used with Indeed CM: servicecm). After the database is created. Once you create the database, this account would possess is granted db_owner, public privileges and shall be used by the system . The service account is now used to perform read/write operations from/to the database.
Save Click ОК to save the created database by clicking ОК.
Scroll Pagebreak 
- Edit the cmMsSqlTargetmsSqlTarget.config file (C:\inetpub\wwwroot\ls\targetConfigs\cmMsSqlTargetmsSqlTarget.config) according to the settings belowas follows:
<Settings> … </Settings>:- Data Source - this this parameter defines the server instance. The parameter is mandatory for all connections. Admissible values are: network name or server IP address, local or localhost for local connections.
- Database - database database name (ILS).
- User Id - the name of the service account name used to connect to the database.
Password - service account password.
Code Block language xml <Settings> <ConnectionString>Data Source=MSSQL\SQLEXPRESS;Database=LogServer;User Id=servicesqlcfServiceSql;Password=P@ssw0rd</ConnectionString> </Settings>
Note If you use a named instance of Microsoft SQL Server, specify the Server parameter value in the following format: <server name>\<instance name>:
Code Block <Settings> <ConnectionString>Server=sql\Named instance; ... </ConnectionString> </Settings>
Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to working operate with cmMsSqlTargetmsSqlTarget.config as follows:
In Add the following data in Application section, add:
Code Block language xml <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmMsSqlTarget<<ReadTargetId>msSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmMsSqlTarget<<TargetId>msSqlTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>
In Add a new element in the Targets section add a new element:
Code Block language xml <Targets> <Target Id="cmMsSqlTargetmsSqlTarget" Type="mssql"/> </Targets>
- Save the changes and close the configuration file.
Configuring event reading and writing in PostgreSQL
The database for storing Indeed used as data storage for Axidian Log Server data is created manually, and it is filled . The database contents are populated automatically.
- Create the database in PostgreSQL (for example, via pgAdmin):
- In In Browser section right-click on the Databases menu item, select Create Databases and select Create > Database...
- Enter database name, for example LogServer,in the Name field on General tab. Select the service account (for example, servicepg) in the Owner list which will be the database name in the Database field on General tab. Select a service account in the Owner field. This service account is used to connect to the database, then click . Click Save.
- In In Browser section right-click on the Databases menu item, select Create Databases and select Create > Database...
- Grant privileges to service account on database tables:
- Select created database and go to click
to open the Query Tool (by clicking on button or by pressing ALT+SHIFT+Q). Enter the text of the request , specifying and specify the account name in it:
Code Block language sql GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "service account without quotesname";
- Select Execute/Refresh
in Query Tool to grant privileges.
- Select created database and go to click
By default, you can connect to PostgreSQL allows only localhost connections, so there is changes in configuration are required to grant access from other hostdatabases only locally. To operate between several servers, configure a remote connection to the database:
Open the pg_hba.conf in PostgreSQL directory.
Info title Pg_hba.conf file location: For Windows —
C:\Program Files\PostgreSQL\<version number>\dataFor *nix —
/etc/postgresql/<version number>/mainAdd a line with the following formatparameters:
Code Block CONNECTIONTYPE DATABASE USER ADDRESS METHOD
Where:
- CONNECTIONTYPE - Connection type. "host" specified, local or TCP/IP connection type. To use TCP/IP connection will be used, you can specify host as CONNECTIONTYPE.
- DATABASE - Name name of the database (ALL to permit . To allow connections to all databases), enter ALL.
- USER - Database database user account(ALL to permit . To allow connections from all accounts), enter ALL.
- ADDRESS - range of IP-addresses/IP-address/hostname of the Indeed Certificate Manager server (CertiFlow server. To allow connections from any IP-address, enter 0.0.0.0/0 to permit connections from any IP-address).
METHOD - User account authentication method (for example, of user account. E.g. md5, scram-sha-256).
Code Block title Examples:Example host LogServer servicepgcfServiceSql 192.200.1.0/24 md5 host ALL servicepgcfServiceSql 10.0.0.0/8 md5 host ALL ALL 0.0.0.0/0 scram-sha-256
- Edit the cmPgSqlTargetpgSqlTarget.config file (C:\inetpub\wwwroot\ls\targetConfigs\cmPgSqlTargetpgSqlTarget.config) according to the settings belowas follows:
<Settings> … </Settings>:- Host - name or IP- Name address of the PostgreSQL server.
- Port - The TCP port that used to connect to PostgreSQL server listens on (default value is 5432 by default).
- Database - Database name created in step 1name of the database.
- Username - Service service account with that has access to the database.
Password - Service service account password.
Code Block language xml <Settings> <ConnectionString>Host=SRV-POSTGRESQL;Port=5432;Database=LogServer;Username=servicepgcfServiceSql;Password=P@ssw0rd</ConnectionString> </Settings>
Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to working operate with cmPgSqlTarget pgSqlTarget.config as follows:
In the Add new TargetIds for ReadTarget and WriteTarget in Application section, add:
Code Block language xml <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmPgSqlTarget<<ReadTargetId>pgSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmPgSqlTarget<<TargetId>pgSqlTarget</TargetId> </WriteTargets> <AccessControl> <!-- <CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" /> --> </AccessControl> </Application>In the Targets section add Add a new element in Targets section:
Code Block language xml <Targets> <Target Id="cmPgSqlTargetpgSqlTarget" Type="pgsql"/> <Target Id="cmSysLogTarget" Type="syslog"/> </Targets>
Configuring event writing in Syslog
| Note |
|---|
Indeed Syslog is limited to events writing only (<WriteTargets>), events reading is not available. Axidian Log Server supports only event writing to Syslog (<WriteTargets>) due to restrictions of Syslog protocol. Example below complements configuration from PostgreSQL case. |
- Edit the cmSysLogargetsysLogarget.config file file (C:\inetpub\wwwroot\ls\targetConfigs\cmSysLogTargetsysLogTarget.config) according to the settings belowas follows:
<Settings> … </Settings>:- HostName - Name name or IP-address of the Syslog server.
- Port - Specify port that port used to connect to Syslog server listens on (default value is 514 by default).
Protocol - type of connection type to the Syslog server: UDP, TCP, TCPoverTLS.
- Format - optional, specify Format (optional)- logs format: Plain, CEF, LEEF.
SyslogVersion - optional, specify protocol of the Syslog (optional) - Syslog protocol: RFC3164, RFC5424.
Code Block language xml <Settings HostName="SRV-SYSLOG" Port="514" Protocol="udpUDP"/>
- Edit Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to work with cmSysLogTarget sysLogTarget.config as follows:
In Add the following data in Application section, add:
Code Block language xml <Applications> <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmPgSqlTarget<<ReadTargetId>pgSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmPgSqlTarget<<TargetId>pgSqlTarget</TargetId> <TargetId>cmSysLogTarget<<TargetId>sysLogTarget</TargetId> </WriteTargets> <AccessControl> <!-- <CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" /> --> </AccessControl> </Application> </Applications>
In the Targets section add Add a new element in Targets section:
Code Block language xml <Targets> <Target Id="cmPgSqlTargetpgSqlTarget" Type="pgsql"/> <Target Id="cmSysLogTargetsysLogTarget" Type="syslog"/> </Targets>
| Attachments | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
| Divbox | ||||
|---|---|---|---|---|
| ||||
|