Page History

Axidian Log Server allows to record events from all CertiFlow servers in a Unified Windows Event Log, Microsoft SQL, PostgreSQL or Syslog servers.

Installing Axidian Log Server

1. Log in to the workstation as a local administrator.

2. Run Axidian.LogServer-<version number>.x64.msi installer. The installer is located in Axidian.Log.Server directory.

3. Copy cmSchema.config. file from Axidian.Log.Server directory and move it to C:\inetpub\wwwroot\lsdirectory.
4. Copy cmEventLogTargeteventLogTarget.config,   cmMsSqlTargetmsSqlTarget.config, cmPgSqlTarget pgSqlTarget.config and cmSysLogTargetsysLogTarget.config. files and move them to C:\inetpub\wwwroot\ls\targetConfigsdirectory.

Configuring event reading and writing to Windows event log

1. Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) as follows:

   • Add the following data in Application section:

     Code Block
     language xml firstline 35
     <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmEventLogTarget<<ReadTargetId>eventLogTarget</ReadTargetId> <WriteTargets> <TargetId>cmEventLogTarget<<TargetId>eventLogTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>

     
     

   • Add a new element in Targets section:

     Code Block
     language xml
     <Targets> <Target Id="cmEventLogTargeteventLogTarget" Type="eventlog"/> </Targets>

     
     

2. Save changes and close the configuration file.

Configuring event reading and writing in MS SQL

The database used as data storage for Axidian Log Server is created manually. The database contents are populated automatically.

1. Create a database with an arbitrary name in the SQL Management Studio environment:
   • In the Object Explorer right-click the Databases tab.
   • Select New database... item from the context menu .
   • Specify the Database name:, e.g. LogServer.

   • In the Owner: field define the database owner.

     Info
     Create a new account (e.g. cfservicesql cfServiceSql) or use any internal SQL or Active Directory account. Once you create the database, this account is granted db_owner, public privileges. The service account is now used to perform read/write operations from/to the database.

     
     

   • Click ОК to save the database.
     

     Scroll Pagebreak

     
     
     

2. Edit the cmMsSqlTargetmsSqlTarget.config file (C:\inetpub\wwwroot\ls\targetConfigs\cmMsSqlTargetmsSqlTarget.config) as follows:
   <Settings> … </Settings>:
   • Data Source - this parameter defines the server instance. The parameter is mandatory for all connections. Admissible values are: network name or server IP address, local or localhost for local connections.
   • Database - database name (ILS).
   • User Id - name of the service account used to connect to the database.

   • Password - service account password.

     Code Block
     language xml
     <Settings> <ConnectionString>Data Source=MSSQL\SQLEXPRESS;Database=LogServer;User Id=servicesqlcfServiceSql;Password=P@ssw0rd</ConnectionString> </Settings>

     
     

     Note
     If you use a named instance of Microsoft SQL Server, specify the Server parameter value in the following format: <server name>\<instance name>: Code Block <Settings> <ConnectionString>Server=sql\Named instance; ... </ConnectionString> </Settings>

     
     

3. Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to operate with cmMsSqlTargetmsSqlTarget.config as follows:

   • Add the following data in Application section:

     Code Block
     language xml
     <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmMsSqlTarget<<ReadTargetId>msSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmMsSqlTarget<<TargetId>msSqlTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>

     
     

   • Add a new element in the Targets section:

     Code Block
     language xml
     <Targets> <Target Id="cmMsSqlTargetmsSqlTarget" Type="mssql"/> </Targets>

     
     

4. Save changes and close the configuration file.

Configuring event reading and writing in PostgreSQL

The database used as data storage for Axidian Log Server is created manually. The database contents are populated automatically.

1. Create the database in PostgreSQL via pgAdmin:
   • In Browser section right-click on Databases and select Create > Database...
     
   • Enter the database name in the Database field on General tab. Select a service account in the Owner field. This service account is used to connect to the database. Click Save.
     
     
2. Grant privileges to service account on database tables:
   • Select created database and click to open the Query Tool.

   • Enter the text of the request and specify the account name in it:

     Code Block
     language sql
     GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "service account without quotesname";

     
     

   • Select Execute/Refreshin Query Tool to grant privileges.
     
     

3. By default, you can connect to PostgreSQL databases only locally. To operate between several servers, configure a remote connection to the database:

   • Open the pg_hba.conf in PostgreSQL directory.

     Info
     title Pg_hba.conf file location:
     For Windows — C:\Program Files\PostgreSQL\<version number>\data For *nix — /etc/postgresql/<version number>/main

     
     

   • Add a line with the following parameters:

     Code Block
     CONNECTIONTYPE DATABASE USER ADDRESS METHOD

     Where:

     • CONNECTIONTYPE - local or TCP/IP connection type. To use TCP/IP connection, you can specify host as CONNECTIONTYPE.
     • DATABASE - name of the database. To allow connections to all databases, enter ALL.
     • USER - database user account. To allow connections from all accounts, enter ALL.
     • ADDRESS - range of IP-addresses/IP-address/hostname of the CertiFlow server. To allow connections from any IP-address, enter 0.0.0.0/0.

     • METHOD - authentication method of user account. E.g. md5, scram-sha-256.

       Code Block
       title Example
       host LogServer servicepgcfServiceSql 192.200.1.0 md5 host ALL servicepgcfServiceSql 10.0.0.0/8 md5 host ALL ALL 0.0.0.0/0 scram-sha-256

       
       

4. Edit the cmPgSqlTargetthe pgSqlTarget.config config file (C:\inetpub\wwwroot\ls\targetConfigs\cmPgSqlTargetpgSqlTarget.config) as follows:
   <Settings> … </Settings>:
   
   • Host - name or IP-address of the PostgreSQL server.
   • Port - TCP port used to connect to PostgreSQL server (default value is 5432).
   • Database - name of the database.
   • Username - service account that has access to the database.

   • Password - service account password.

     Code Block
     language xml
     <Settings> <ConnectionString>Host=SRV-POSTGRESQL;Port=5432;Database=LogServer;Username=servicepgcfServiceSql;Password=P@ssw0rd</ConnectionString> </Settings>

     
     

5. Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to operate with cmPgSqlTargetpgSqlTarget.config as follows:

   • Add new TargetIds for ReadTarget and WriteTarget in Application section:

     Code Block
     language xml
     <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmPgSqlTarget<<ReadTargetId>pgSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmPgSqlTarget<<TargetId>pgSqlTarget</TargetId> </WriteTargets> <AccessControl> <!-- <CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" /> --> </AccessControl> </Application>

     
     

   • Add a new element in Targets section:

     Code Block
     language xml
     <Targets> <Target Id="cmPgSqlTargetpgSqlTarget" Type="pgsql"/> </Targets>

     
     

Configuring event writing in Syslog

1. Edit the cmSysLogargetthe sysLogarget.config file (C:\inetpub\wwwroot\ls\targetConfigs\cmSysLogTargetsysLogTarget.config) as follows:
   <Settings> … </Settings>:
   • HostName - name or IP-address of Syslog server.
   • Port - port used to connect to Syslog server (default value is 514).

   • Protocol - type of connection to Syslog server: UDP, TCP, TCPoverTLS.

   • Format (optional)- logs format: Plain, CEF, LEEF.

   • SyslogVersion (optional) - Syslog protocol: RFC3164, RFC5424.

     Code Block
     language xml
     <Settings HostName="SRV-SYSLOG" Port="514" Protocol="UDP"/>

     
     

2. Edit the configuration file clientApps.config (C:\inetpub\wwwroot\ls\clientApps.config) to work with cmSysLogTargetsysLogTarget.config as follows:

   • Add the following data in Application section:

     Code Block
     language xml
     <Applications> <Application Id="cm" SchemaId="cmSchema"> <ReadTargetId>cmPgSqlTarget<<ReadTargetId>pgSqlTarget</ReadTargetId> <WriteTargets> <TargetId>cmPgSqlTarget<<TargetId>pgSqlTarget</TargetId> <TargetId>cmSysLogTarget<<TargetId>sysLogTarget</TargetId> </WriteTargets> <AccessControl> <!-- <CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" /> --> </AccessControl> </Application> </Applications>

     
     

   • Add a new element in Targets section:

     Code Block
     language xml
     <Targets> <Target Id="cmPgSqlTargetpgSqlTarget" Type="pgsql"/> <Target Id="cmSysLogTargetsysLogTarget" Type="syslog"/> </Targets>