Use the Event Log object to create, configure, disable and enable system and subsystem level log files to capture system, security, debug, packet, trace and accounting events. Event Types Facility 21 and local5 are used by /var/log/fips.log. For each event type, an event class (subsystem) and severity threshold can be configured. Event classes include: The ROLLFILE facility provides a means of closing the active log file and opening a new one with an incremented (name) suffix. This facilitates real-time analysis of system events by performing the analysis on closed, rather than opened and growing, files.
Event Facility System 16 local0 Debug 17 local1 Trace 18 local2 Security 19 local3 Audit 20 local4 Accounting 22 local6 Platform Audit Logs 23 local7
Note
For configuration details, see:
Overview
Content Tools