Anonymous_User Absent Member.
Absent Member.
259 views

Collecting logs via SNMP contains/informs user activities ?


my customer is running IBM's "Lotus Domino Server", and customer is
interested to monitor "administrator" and "user" activities.(Lotus
Domino Server logs user/admin activities in its own ".nsf" file)

Soon, I have to collect logs from "IBM Lotus Domino Server" in SLM.

> 2.2 Connection Methods
>
> This Collector supports gathering data from the data sources listed
> above using the following connection methods and
> modes (expressed as"<Connector Name>:<Connection Mode>"):
>
> ▪ SNMP:Packet Output,Syslog:Map
> Output,WMS:Application,File:Connector Dump
>
> NOTE: The SNMP mode is the default mode and should be used in most
> circumstances.

source:
support.novell.com/products/sentinel/doc/collectors/IBM_Lotus-Domino_6.1r1.pdf

My Question here is.. if as per the document SLM collect logs from the
Domino Server via snmp, then does the logs contain info about user and
admin activities ? or they merely reports/informs about the server
health, uptime, start and shutdown status etc ?

I am asking this question because the Domino Collector guide recommends
the **SNMP** method, and normally SNMP is used to monitor server's
availability and not the user/admin activities.

Please help/suggest


--
sharfuddin
------------------------------------------------------------------------
sharfuddin's Profile: https://forums.netiq.com/member.php?userid=1016
View this thread: https://forums.netiq.com/showthread.php?t=46608

0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Collecting logs via SNMP contains/informs user activities ?

Hi,


>>> On 22.01.2013 at 19:34, sharfuddin<sharfuddin@no-mx.forums.netiq.com>

wrote:

> my customer is running IBM's "Lotus Domino Server", and customer is
> interested to monitor "administrator" and "user" activities.(Lotus
> Domino Server logs user/admin activities in its own ".nsf" file)
>
> Soon, I have to collect logs from "IBM Lotus Domino Server" in SLM.
>
>> 2.2 Connection Methods
>>
>> This Collector supports gathering data from the data sources listed
>> above using the following connection methods and
>> modes (expressed as"<Connector Name>:<Connection Mode>"):
>>
>> ▪ SNMP:Packet Output,Syslog:Map
>> Output,WMS:Application,File:Connector Dump
>>
>> NOTE: The SNMP mode is the default mode and should be used in most
>> circumstances.

> source:
>

support.novell.com/products/sentinel/doc/collectors/IBM_Lotus‑Domino_6.1r
> 1.pdf
>
> My Question here is.. if as per the document SLM collect logs from the
> Domino Server via snmp, then does the logs contain info about user and
> admin activities ? or they merely reports/informs about the server
> health, uptime, start and shutdown status etc ?


The domino server can generate SNMP traps for the following events:
Configuration changes, Router Mails, Opened session, Closed session, Access
Database,
Access Server, ACL changes, Server up, Server down.

An "Access Database" trap is send if accessing an NSF file *fails*, e.g. due
to ACL restrictions. If you want to monitor successful database access,
you'll have to write a custom collector/connector to interface with domino's
database activity logging
(http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/topic/com.ibm.help.do
mino.admin.doc/DOC/H_DATABASE_BILLING_1585_OVERVIEW.html)

Norbert

>
> I am asking this question because the Domino Collector guide recommends
> the **SNMP** method, and normally SNMP is used to monitor server's
> availability and not the user/admin activities.
>
> Please help/suggest


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Collecting logs via SNMP contains/informs user activities ?


Norbert Klasen;224415 Wrote:
> Hi,
>
>
> >>> On 22.01.2013 at 19:34,

> sharfuddin<sharfuddin@no-mx.forums.netiq.com>
> wrote:
>
> > my customer is running IBM's "Lotus Domino Server", and customer is
> > interested to monitor "administrator" and "user" activities.(Lotus
> > Domino Server logs user/admin activities in its own ".nsf" file)
> >
> > Soon, I have to collect logs from "IBM Lotus Domino Server" in SLM.
> >
> >> 2.2 Connection Methods
> >>
> >> This Collector supports gathering data from the data sources listed
> >> above using the following connection methods and
> >> modes (expressed as"<Connector Name>:<Connection Mode>"):
> >>
> >> ▪ SNMP:Packet Output,Syslog:Map
> >> Output,WMS:Application,File:Connector Dump
> >>
> >> NOTE: The SNMP mode is the default mode and should be used in most
> >> circumstances.

> > source:
> >

> support.novell.com/products/sentinel/doc/collectors/IBM_Lotus‑Domino_6.1r
> > 1.pdf
> >
> > My Question here is.. if as per the document SLM collect logs from

> the
> > Domino Server via snmp, then does the logs contain info about user

> and
> > admin activities ? or they merely reports/informs about the server
> > health, uptime, start and shutdown status etc ?

>
> The domino server can generate SNMP traps for the following events:
> Configuration changes, Router Mails, Opened session, Closed session,
> Access
> Database,
> Access Server, ACL changes, Server up, Server down.
>
> An "Access Database" trap is send if accessing an NSF file *fails*, e.g.
> due
> to ACL restrictions. If you want to monitor successful database access,
> you'll have to write a custom collector/connector to interface with
> domino's
> database activity logging
> (http://tinyurl.com/a77z3n7
> mino.admin.doc/DOC/H_DATABASE_BILLING_1585_OVERVIEW.html)
>
> Norbert
>
> >
> > I am asking this question because the Domino Collector guide

> recommends
> > the **SNMP** method, and normally SNMP is used to monitor server's
> > availability and not the user/admin activities.
> >
> > Please help/suggest


Thanks Norbert for an excellent reply.

what I understand from your reply is:
if I want to monitor Domino Administrator activity, e.g if admin resets
someone password, delete/modify any account, or perform any
administrative/privlidge activity, then I have to write a custom
collector/connector ?

I got you right ?

Regards,
Muhammad Sharfuddin.


--
sharfuddin
------------------------------------------------------------------------
sharfuddin's Profile: https://forums.netiq.com/member.php?userid=1016
View this thread: https://forums.netiq.com/showthread.php?t=46608

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Collecting logs via SNMP contains/informs user activities ?

Hi Muhammad,

>>> On 23.01.2013 at 09:14, sharfuddin<sharfuddin@no-mx.forums.netiq.com>

wrote:

> Norbert Klasen;224415 Wrote:
>> Hi,
>>
>>
>> >>> On 22.01.2013 at 19:34,

>> sharfuddin<sharfuddin@no‑mx.forums.netiq.com>
>> wrote:
>>
>> > my customer is running IBM's "Lotus Domino Server", and customer is
>> > interested to monitor "administrator" and "user" activities.(Lotus
>> > Domino Server logs user/admin activities in its own ".nsf" file)
>> >
>> > Soon, I have to collect logs from "IBM Lotus Domino Server" in SLM.
>> >
>> >> 2.2 Connection Methods
>> >>
>> >> This Collector supports gathering data from the data sources listed
>> >> above using the following connection methods and
>> >> modes (expressed as"<Connector Name>:<Connection Mode>"):
>> >>
>> >> ▪ SNMP:Packet Output,Syslog:Map
>> >> Output,WMS:Application,File:Connector Dump
>> >>
>> >> NOTE: The SNMP mode is the default mode and should be used in most
>> >> circumstances.
>> > source:
>> >

>>

>

support.novell.com/products/sentinel/doc/collectors/IBM_Lotus‑Domino_6.1r
>> > 1.pdf
>> >
>> > My Question here is.. if as per the document SLM collect logs from

>> the
>> > Domino Server via snmp, then does the logs contain info about user

>> and
>> > admin activities ? or they merely reports/informs about the server
>> > health, uptime, start and shutdown status etc ?

>>
>> The domino server can generate SNMP traps for the following events:
>> Configuration changes, Router Mails, Opened session, Closed session,
>> Access
>> Database,
>> Access Server, ACL changes, Server up, Server down.
>>
>> An "Access Database" trap is send if accessing an NSF file *fails*, e.g.
>> due
>> to ACL restrictions. If you want to monitor successful database access,
>> you'll have to write a custom collector/connector to interface with
>> domino's
>> database activity logging
>> (http://tinyurl.com/a77z3n7
>> mino.admin.doc/DOC/H_DATABASE_BILLING_1585_OVERVIEW.html)
>>
>> Norbert
>>
>> >
>> > I am asking this question because the Domino Collector guide

>> recommends
>> > the **SNMP** method, and normally SNMP is used to monitor server's
>> > availability and not the user/admin activities.
>> >
>> > Please help/suggest

>
> Thanks Norbert for an excellent reply.
>
> what I understand from your reply is:
> if I want to monitor Domino Administrator activity, e.g if admin resets
> someone password, delete/modify any account, or perform any
> administrative/privlidge activity, then I have to write a custom
> collector/connector ?


Yes - for everything else than ACL changes.

Norbert

>
> I got you right ?
>
> Regards,
> Muhammad Sharfuddin.


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.