Affects Version/s: None
Fix Version/s: None
Support Ticket IDs:
Current syslog audit behaviour doesn't seem to evaluate the valueMappings correctly. For eg. It isn't sending a failed recon to the /var/log/emerg.log file, it appears in /var/log/info.log file, when it's configured to be sent to /var/log/emerg.log.
Steps to replicate:
- rsyslog configuration file rsyslog.conf
- Enable syslog audit handler in audit.json by adding the below code block (copied from integrator's guide)
- Unzip IDM 220.127.116.11
- ./startup.sh p samples/sync-with-ldap without installing ldap
- run reconciliation with the systemLdapAccount_managedUser recon and it will fail
- logs will be in /var/log/info.log rather than /var/log/emerg.log
Various scenarios have been tried, this isn't unique to recon.