A simple but useful feature, is the ability in IBM Security Verify Access to compress rolled over files generated by the Reverse Proxy.
This includes the audit logs, request logs, referrer logs etc.
By default, the rolled over files are plain text, but this can add up – if you intend to store them for longer period.
Its possible to ‘zip’ or ‘gzip’ the rolled over files, you just need to use the marginally more complicated Logcfg option. Here is a quick sample configuration:
In the Stanza
[aznapi-configuration]
You can define logging configuration for specific elements.
logcfg = http.clf:file path=requestnew.log,rollover_size=1000,flush_interval=5,max_rollover_files=10,compress=yes
(Here i have the rollover at 1000 bytes for testing – probably not a good choice in real terms)
The main components you can use are:
- Request Log:
http.clf - Referer Log:
http.ref - User Agent Log:
http.agent - Authorization Audit Log:
audit.azn - Authentication Audit Log:
audit.authn - HTTP Audit Log:
audit.http
But a full list is here: https://www.ibm.com/docs/en/sva/latest?topic=logging-native-auditing
The magic is the addition of the compress=yes to the logging configuration line.
Where you are using the simple request log, audit log, referer log etc configuration, you’ll find you’re now duplicating their output. You should be able to to turn off the ‘simple’ log settings – like with the request log using the configuration:
requests = no
Philip Nye 