Enabling detailed logging for Linux and UNIX computers
In most cases, troubleshooting auditing-related issues requires information about the operation of the agent, the collector service, and database activity. For performance reasons, you should only enable agent logging when you need to capture detailed information about agent operations. For troubleshooting purposes, however, you can use the dadebug
command to turn on detailed logging.
To enable audit-related logging on audited Linux or UNIX computers:
- Switch to the
root
user. - Run the
dadebug clear
command to remove any existing detailed logging from previous operations.dadebug clear
- Run the
dadebug on
command to enable detailed logging on for audit-related agent operations.dadebug on
Detailed messages are recorded in the
/var/log/centrifydc.log
file. You can view the contents of the log file with a text editor. In most cases, however, you should collect additional information and send all of the logged information to Centrify Support. - Restart the auditing service.
/usr/share/centrifydc/bin/centrifyda restart
- Run the
dainfo
diagnostic command and save the output to a text file.dainfo --diag > /tmp/dainfo.txt
- Run the
adinfo
diagnostic command and save the output to a text file.adinfo --diag > /tmp/adinfo.txt
- Stop detailed logging of audit-related activity.
dadebug off
- Send an email to Centrify Support with the log files and the agent configuration file as an attachment.
/var/log/centrifydc.log
/tmp/dainfo.txt
/tmp/adinfo.txt
/etc/centrifyda/centrifyda.conf
To check whether detailed logging is enabled:
- Run
dadebug
without parameters to see if detailed logging is currently enabled.dadebug
Centrify DirectAudit debug logging is on.
- Run
addebug
without parameters to see if detailed logging is currently enabled.addebug
- Run
addebug off
to disable logging, if needed.