Getting From unity the audit log configurations

Similar Messages

• Same Application Error - while checking the auditing log report in site settings

  dear all,
  I am getting application error - when I am checking the audit log report from
  Site Settings ->Audit log->Run a custom report ->In the save location - when I click browse button.
  Any inputs to solve the issue will be helpful?
  Cheers
  Sathya

  Hi,
  Try to configure audit settings for a site collection as the link below:
  https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-f5a346d0-ee0f-4412-a5e6-d9b5abaa1012
  Or check the blogs below:
  http://sharepointthomas.blogspot.com/2011/07/how-to-enable-audit-functionality-in.html
  http://www.codeproject.com/Articles/431342/Auditing-A-Built-in-Feature-of-SharePoint
  Did you check the ULS log?
  Best Regards,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• An error occurred while trying to access the audit log

  Hi I have run Set-Mailbox ian.shapton -AuditOwner Update, Move, MoveToDeletedItems, SoftDelete, HardDelete
  I then created and deleted an email and ran Search-MailboxAuditLog -Identity "ian shapton" -LogonTypes Owner -StartDate "12/21/2014 12:00" -EndDate "12/21/2014 13:00" -ShowDetails
  I see An error occurred while trying to access the audit log. For more details, see the inner exception.
      + CategoryInfo          : NotSpecified: (:) [Search-MailboxAuditLog], AuditLogException
      + FullyQualifiedErrorId : [Server=Mailbox01,RequestId=07f17915-f25d-4fd5-b23e-f07a2482f4a4,TimeStamp=21/12/2014 16:45:39] [FailureCategory=Cmdlet-AuditLogException] 255D6156,Microsoft.Exchange.Management.SystemConfigurationTasks.SearchMailboxAuditLog
  MSExchange CmdletLogs shows Microsoft.Exchange.Data.ApplicationLogic.AuditLogServiceException: The Exchange Web Service returned an error while trying to access the audit log. Reason: 'Error','ErrorTimeoutExpired','The search operation could
  not be completed within the allotted time limit. Please try to narrow down your scope to reduce the result set.'.
  I am a Recipient Admin and Org Admin and can search other mailboxes using -LogonTypes Delegate
  Any idea what I am missing here?
  shapi

  Hi,
  I have the same problem when I run the Search-MailboxAuditLog command.  It has been working for 2 weeks but suddenly after moving databases from one datacenter to another and back again it stopped working.  The account running the command
  is in all necessary roles needed.
  This is what I have tested after it stopped working:
  - Search-MailboxAuditLog -Identity "xxxxxxx" -LogonTypes Delegate -StartDate (Get-Date).Adddays(-1) = Works
  - Search-MailboxAuditLog -Identity "xxxxxxx" -LogonTypes Delegate -StartDate (Get-Date).Adddays(-1) -showdetails = does not work and comes with an error.
  "The Exchange Web Service returned an error while trying to access the audit log. Reason: 'Error','ErrorTimeoutExpired',
  'The search operation could not be completed within the allotted time limit. 
  Please try to narrow down your scope to reduce the result set.'."
  This is very bad for us because we use a lot of shared mailboxes with delegates and want to report delegate action on these mailboxes.
  Environment:
  - 3 datacenters
  - Exchange 2013 CU7
  Thorir
  thorir

• SQLException in the audit log for the Message Display Tool

  Hi
  I´m newbie in PI Technology, and i have some issues when i try to do the next.
  This is the scenario:
  I need to communicate two systems, for one side i have SAP, and for the other side i have ADI (legal system) so, i use PI to do this (the communication), PI receive the data from SAP by means abap proxy, until this everything is correct, then i do the mapping of the data and i send a message to ADI (with the SAP XI Runtime Workbench) by means JDBC adapter, if i check the sended message with "Message Display Tool" show that the message was sent (status "Delivered") but if i check the received messages option, in the audit log displays the five next errors:
  Error: Could not execute statement for table/stored proc. "FADIA4" (structure "StatementFADIA4") due to java.sql.SQLException: FADIA4 in FILEMET not valid for operation.
  Error: JDBC Message processing failed, due to Error processing request in sax parser: Error when executing statement for table/stored proc. 'FADIA4' (structure 'StatementFADIA4'): java.sql.SQLException: FADIA4 in FILEMET not valid for operation.
  Error: MP: exception caught with cause com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error processing request in sax parser: Error when executing statement for table/stored proc. 'FADIA4' (structure 'StatementFADIA4'): java.sql.SQLException: FADIA4 in FILEMET not valid for operation.
  Error: Adapter Framework caught exception: null
  Error: Delivering the message to the application using connection JDBC_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error processing request in sax parser: Error when executing statement for table/stored proc. 'FADIA4' (structure 'StatementFADIA4'): java.sql.SQLException: FADIA4 in FILEMET not valid for operation..
  if there are somebody that maybe could know what is the problem?, could the problem be the side of the legal system?, because inside of PI when i do the Test Configuration in the Integration Directory, the end of the test is successful.
  Any comment is well received!!
  Thanks,
  Vicman
  P.D. sometimes the error is: java.sql.SQLException: Token ) was not valid. Valid tokens: DAY PATH YEAR LABEL MONTH OPTION RESULT CONNECTION TRANSACTION.
  what does it means?

  Hi Pooja,
  thanks for you quickly response!
  XML sended:
  <?xml version="1.0" encoding="UTF-8"?>
  <ns0:MT_PgDocVentaECC_req xmlns:ns0="http://gmodelo.com/ECC/enviarCobranza">
     <DT_DatosDeControl>
        <MIDDLEWARE_ID/>
        <QUICK_ID/>
        <INTERFACE_NAME/>
        <MESSAGE_ID/>
        <LOG_ID/>
        <USER_ID/>
        <SOURCE_SYSTEM/>
        <TARGET_SYSTEM/>
     </DT_DatosDeControl>
     <DT_PagoDocVentaECC>
        <VKORG>TVKO</VKORG>
        <VKBUR>TVBUR</VKBUR>
        <VKBUR1>TVBUR</VKBUR1>
        <ROUTE>TVRO</ROUTE>
        <ROUTE1>TVRO</ROUTE1>
        <BLART>Q</BLART>
        <BELNR>100</BELNR>
        <WRBTR>200</WRBTR>
        <LFART>100</LFART>
        <VBELN>100</VBELN>
     </DT_PagoDocVentaECC>
  </ns0:MT_PgDocVentaECC_req>
  this is the XML received:
  <?xml version="1.0" encoding="UTF-8"?>
  <ns1:MT_PgDocVentaADI_req xmlns:ns1="http://gmodelo.com/ADI/recibirCobranza">
  <StatementFADIA7>
  <FADIA7action="INSERT">
  <Table>FADIA7</Table>
  <Access>
  <NUMCIA>123</NUMCIA>
  <NUMALM>234</NUMALM>
  <SUBALM>300</SUBALM>
  <CVETOP>16</CVETOP>
  <FOLOPV>22</FOLOPV>
  <SECOVA></SECOVA>
  <IMPOVA>200</IMPOVA>
  <ALMOVA>5678</ALMOVA>
  <SUBOVA>21</SUBOVA>
  <TOPOVA>21</TOPOVA>
  <FOPOVA>41</FOPOVA>
  <FECOVA>100</FECOVA>
  <STSOVA> </STSOVA>
  </Access>
  </FADIA7></StatementFADIA7>
  </ns1:MT_PgDocVentaADI_req>
  what do you think about it?, anything wrong?

• Attribute Encryption in the Audit log

  All,
  I am encrypting attributes so sensitive data is encyrpted at rest. Found out that the audit log doesn't encrypt these attributes. It encrypts userpassword, but not these. Is there a setting or configuration I can extend that will encrypt these attributes in the audit file?
  And if there is, what happens if I need to expand the list of encrypted attributes.
  I am currently running v 6.3.x, and in process of upgrading to ODSEE 11g.x
  Frank

  Hello,
  as far as I can understand, I'm afraid that what you're trying to accomplish is not possible, since attribute encryption is something that happens 'within the Directory Server instance, between the protocol and the DB'... so the informations are sent in clear over the protocol, and this is what the audit log captures. According to the official product documentation:
  http://docs.oracle.com/cd/E19261-01/820-2763/bcaeg/index.html
  "Attribute encryption protects sensitive data while it is stored in the directory. Attribute encryption allows you to specify that certain attributes of an entry are stored in an encrypted format. This prevents data from being readable while stored in database files, backup files, and exported LDIF files.
  With this feature, attribute values are encrypted before they are stored in the Directory Server database, and decrypted back to their original value before being returned to the client. You must use access controls to prevent clients from accessing such attributes without permission, and SSL to encrypt the attribute values when in transit between the client and Directory Server."
  HTH,
  Marco

• How change sStart and End Date and time in the Audit log ???

  Install C2S BM39SP1. Work.
  Go to the: https://bmserver:8009
  Open : VPN Monitor | Audit log information.
  Problem - can not cahnge Date and time in the Audit Log Start(End)
  How i vcan do this ?
  How i can get every day stat log:
  login ; date_time_login ; dtae_timie_logout ; bite_in ; bite_out
  Serg

  Serg,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://support.novell.com/forums)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Content of the Audit Log

  Hello,
  It seems that the text of the audit log is contained in table xi_af_msg_audit ins the J2EE schema under field text_key.
  If I access this key directly from the database it seems to be unnecessarily long, with a lot of blank space padding.
  Is it possible to control what is recorded in this field and hence what is displayed in the Audit Log?
  Kind regards,
  Peter

  You can simply use the AuditMessageKey class to write your own audit log entries. A similar code would be
  AuditMessageKey auditMKey = new AuditMessageKey(message.getMessageId(), AuditDirection.INBOUND);
            Audit.addAuditLogEntry(
                 auditMKey,
                 AuditLogStatus.SUCCESS,
                 "Custom Message");
  Regards,
  Prateek

• Extending the Audit Log

  Hi folks!
  I'm setting up a workflow that grants a role to a user that includes a basic approval.
  The audit log for the workflow only seems to include the reason given when approving or declining the role. For my client's purposes, both the reason for wanting the role and the final decision need to be recorded.
  My thought is that I can prepend the initial request reason (Which we have already transferred to a temporary attribute) to the final Reason (MX_REASON I believe) however I'm not sure when I can slip this into the workflow.
  Has anyone done something similar to this before or have any ideas about another methodology? 
  For various reasons we need to keep with the basic approval.
  Thanks,
  Matt

  if in your env. DBA's also have access to OS files ( note oracle does not require that ), maybe you need to consider writing a cron job to keep polling from OS/DB audit trail and send it over to some remote archive.
  Technically, the separation of duty is not fully in place because DBA could easily turn off auditing. you have to trust somebody to do the auditing. eventually the UNIX root user owns the machine and can even install a rogue oracle executable if the person is determined.

• Protecting the Audit Log

  How can Oracle be set up to protect against tampering with the audit log from a user with DBA privileges?

  if in your env. DBA's also have access to OS files ( note oracle does not require that ), maybe you need to consider writing a cron job to keep polling from OS/DB audit trail and send it over to some remote archive.
  Technically, the separation of duty is not fully in place because DBA could easily turn off auditing. you have to trust somebody to do the auditing. eventually the UNIX root user owns the machine and can even install a rogue oracle executable if the person is determined.

• My 2009 iMac gets stuck on the grey Apple logo when booting up.  It boots correctly when in safe mode. I have tried erasing the HD and re-installing from a USB installer. It says the install is complete, but after restarting it gets stuck on the Apple log

  My late 2009 27" iMac gets stuck on the grey Apple logo when booting up.  It boots correctly when in safe mode. I have tried erasing the HD and re-installing from a USB installer. It says the install is complete, but after restarting it gets stuck on the Apple logo again.  This could possibly be an HD failure, but then why does Safe Mode still work and the USB install not work?  Any ideas?

  1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
  Don't be put off merely by the seeming complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
  2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
  There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
  3. Below are instructions to run a UNIX shell script, a type of program. All it does is to collect information about the state of the computer. That information goes nowhere unless you choose to share it. However, you should be cautious about running any kind of program (not just a shell script) at the behest of a stranger. If you have doubts, search this site for other discussions in which this procedure has been followed without any report of ill effects. If you can't satisfy yourself that the instructions are safe, don't follow them. Ask for other options.
  Here's a summary of what you need to do, if you choose to proceed:
  ☞ Copy a line of text in this window to the Clipboard.
  ☞ Paste into the window of another application.
  ☞ Wait for the test to run. It usually takes a few minutes.
  ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
  The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
  4. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
  5. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
  6. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
  Triple-click anywhere in the line of text below on this page to select it:
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts 51 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports 'com.autodesk.AutoCad com.evenflow.dropbox com.google.GoogleDrive' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 ` route -n get default|awk '/e:/{print $2}' ` 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n\t(%s)\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' /^ *$|CSConfigDot/d;s/^ */   /;s/[-0-9A-Fa-f]{22,}/UUID/g;s/(ochat)\.[^.]+(\..+)/\1\2/;/Shared/!s/\/Users\/[^/]+/~/g ' ' s/^ +//;5p;6p;8p;12p;' ' {sub(/^ +/,"")};NR==6;NR==13&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: [^EO]|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<200) print "com.apple.";} ' ' $3~/[0-9]:[0-9]{2}$/ { gsub(/:[0-9:a-f]{14}/,"");} { print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/root/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1000) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/d;/(etc|Preferences)\//s/^\.\/[^/]+//p;' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| ","||kMDItem'${p[35]}'=");sub("^.."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[9]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/ { next;} /%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]" "$1;b=b$1;} END { if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text$|POSIX sh.+ text ex)/) F=F" ("T")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n   ...and %s more line(s)\n",l-L);} ' ' /^ +[NP].+ =/h;/^( +D.+[{]|[}])/{ g;s/.+= //p;};' ' /^ +B/{ s/.+= |(-[0-9]+)?\.s.+//g;p;} ' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / /{$0="'"${p[28]}"'"};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9;} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' 's/0/Off/p' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps sudo\ crontab sudo\ iotop top pkgutil PlistBuddy whoami cksum kextstat launchctl sudo\ launchctl crontab 'sudo defaults read' stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' defaults\ read scutil sudo\ dtrace sudo\ profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil sudo\ lsof test );c2=(com.apple.loginwindow\ LoginHook '-c Print /L*/P*/loginw*' '-c Print L*/P*/*loginit*' '-c Print L*/Saf*/*/E*.plist' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' '-c Print\ :'${p[35]}' 2>&1' '-c Print\ :Label 2>&1|head -1' '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$Message' -k Sender kernel -k Message Req 'Beac|caug|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|SMC:' -o -k Sender fseventsd -k Message Req 'SL' " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cgh] ! -name *ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '-L {/{S*/,},}L*/Lau* -type f' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,E}* {/,}L*/{A*d,Ca*/*/Ex,Compon,Ex,In,iTu,Keyb,Mail/B,P*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,pam.d,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers\ "${p[N5]}" -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' -i4TCP:0-1023 com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' );N1=${#c2[@]};for j in {0..8};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents launchd Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};';done;A7(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0(){ [[ "$v" ]]&&echo "$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "$s"<<<"$v"`&&C1 1 $1;};for i in 1 2;do for j in 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;A2 0 $((N1+1)) 2;C0;A1 0 $N1 1;C0;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D22 11 17 17 20;for i in 0 1;do D22 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A2 19 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;A2 4 20 21;B7 6;B2 9;A4 14 7 52 9;B2 10;B6 9 10 4;C3 25;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;D13 24 24 32 31;D13 25 37 32 33;A1 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D13 21 0 32 19;D13 10 42 32 40;D22 29 35 46 39;};D23 14 1 48 42;D12 34 43 53 44;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 26 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D23 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 20 42 32 41;D13 14 2 48 43;D13 4 5 32 1;D22 4 4 50 0;D13 14 3 49 5;D12 26 48 59 49;B3 4 22 57;A1 26 46 56;B7 22;B3 0 0 58;C3 47;D23 22 9 37 7;A7;C2 2;} 2>/dev/null|pbcopy;exit 2>&-  
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  7. Launch the built-in Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
  Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
  8. If you see an error message in the Terminal window such as "syntax error," enter
  exec bash
  and press return. Then paste the script again.
  9. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return three times at the password prompt. Again, the script will still run.
  If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
  10. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
  [Process completed]
  to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report the results. No harm will be done.
  11. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
  At the top of the results, there will be a line that begins with "Model Identifier." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
  If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
  12. When you post the results, you might see the message, "You have included content in your post that is not permitted." It means that the forum software has misidentified something in the post as a violation of the rules. If that happens, please post the test results on Pastebin, then post a link here to the page you created.
  Note: This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
  Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

• How to check the audit logs

  Hi,
  I would like to know the "lastsucessfullogindate" for portal users.
  I cam across that that this is present in the UME API's
  but this method is deprecated.
  does this information also comes in the security audit logs.
  If yes then how should be auditng be done.
  Regards
  Manoj

  Hi Manoj,
  well sort of, you can look up, when a certain person did log in. The last log in then is the date you are looking for. There is however no log saying User X last successful log in at ....
  The info what is getting logged can be found <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/03/37dc4c25e4344db2935f0d502af295/frameset.htm">in the docs</a>.
  The location of the log files is also described <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/a0/58db515b95b64181ef0552dc1f5c50/frameset.htm">in the docs</a>.
  regards,
  Patrick

• While fetching the Audit Log Programmatically last Downloaded document is not fetched from Auditing Log. To update the events it is taking 5 to 10 mins. After that i can fetch the data. Is there any way to refresh the log to be reflected immediatly?

  SPAuditQuery wssQuery = new SPAuditQuery(SPContext.Current.Web.Site);
  wssQuery.RestrictToUser(SPContext.Current.Web.CurrentUser.ID);
  wssQuery.AddEventRestriction(SPAuditEventType.View);
  wssQuery.RestrictToList(list)       
  //set the query date range
  wssQuery.SetRangeEnd(DateTime.Now);
  wssQuery.SetRangeStart(DateTime.Now.AddMinutes(-30));// To get the last 30 Mins of data
  SPContext.Current.Web.Site.Audit.Update();
  SPContext.Current.Web.Update();                     
  SPAuditEntryCollection auditCol = SPContext.Current.Web.Site.Audit.GetEntries(wssQuery); 

  From your response, I understood that, The coding is okay. So no need to change the code.
  I am not sure what/How to be validated the Lag. Can you please suggest more on detail ?
  One more thing observed based on the below steps
  1. Downloaded 3 documents sequentially
  2. Gave pause for 15 seconds
  3. Downloaded next 2  documents sequentially
  4. Executed my above mentioned program
  Result : Fetched only first 3 documents, documents which are downloaded after pause is not retrieved
  5. Generated the custom report (or ) Do new Download
  Result : I can See 5 Documents (In case of 5th step is new download, I can See 5 Documents instead of 6 documents)
  6:  Executed my above mentioned program
  Result : I can See 5 Documents (In case of 5th step is new download, I can See 5 Documents instead of 6 documents)
  Conclusion: Most recent download event is pushed by other relevant(Custom Report Generation or Download or Page Refresh) event
  Am i Missing anything to obtain the proper result ?

• Getting error on the time of configuring domain in UCM 11.1.1.8

  Hi All,
  I have uninstalled UCM 11.1.1.7 and installing 11.1.1.8. But I am facing issue at the time of running config.cmd file from WC_CONTENT_ORACLE_HOME\common\bin\ directory. When I am running the batch it is saying that "The system cannot find the path specified.".
  I have checked the environment variable path but all are fine. I am using java version 1.6_45.
  Could anyone please help me. I have stuck on it.
  Santanu

  Error message is explicit and straight forward:
  Fri May 11 10:31:29 2007
  WARNING: The following temporary tablespaces contain no files.
  This condition can occur when a backup controlfile has
  been restored. It may be necessary to add files to these
  tablespaces. That can be done using the SQL statement:
  ALTER TABLESPACE <tablespace_name> ADD TEMPFILE
  Alternatively, if these temporary tablespaces are no longer
  needed, then they can be dropped.
  Empty temporary tablespace: TEMP
  *********************************************************************Database will startup, but by the time you try to create a temporary segment through an order by requiring temporary segments, an error will show up.
  Just add datafiles to your temporary tablespace:
  ALTER TABLESPACE TEMP ADD TEMPFILE[i] 'yourTempPath/yourTempFileName.dbf' SIZE nnM autoextend on;
  Replace the italics with suitable parameter values.

• How do I get out of the guest log in page when I try to reboot?

  Was trying to burn a disc when got error message to try to redo it again

  Go to the top right of the screen, you'll see 2 arrows, click on them.
  Or use escape key.

• Audit log settings in CUCM

  Hi all. I'm running CUCM 8.6.2 and I have some questions about the Audit Log Configuration in Serviceability that I'm not finding clear answers for in the documentation here: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/service/8_6_1/admin/serviceability/saaulog.pdf
  Specifically:
  -What exactly is the difference between the Remote Syslog Audit settings and the Database Audit Log Filter Settings? We're trying to send logs to Splunk of changes made on the CUCM without seeing every time applications like TMS authenticate to the CUCM, which is more or less constantly.
  -When the Server Name is set in the Remote Syslog field, and Enable Audit Log is checked in Database Audit Log Filter Settings, does the DB audit log get sent to this IP as well?
  Thanks

  Hi Rajesh,
  Doesnt work for me :(((
  404   Not Found
    The requested resource /messagingsystem/monitor/monitor.jsp is not available
    Details:   File [messagingsystem/monitor/monitor.jsp] not found in application root of alias [/] of J2EE application [sap.com/com.sap.engine.docs.examples].
  Thanks.
  Regards,
  Shweta