Skip to main content
Skip table of contents

Flat File - IBM Informix Application Log

Informix is a family of relational database management system (RDBMS) products by IBM. It is positioned as IBM's flagship data server for online transaction processing (OLTP) as well as integrated solutions. By default, auditing is turned off and needs to be enabled using the Informix command line onaudit utility.

Prerequisites

The Agent flat file collection mechanism uses state tracking to reference the directory and retain the last log read from the file. You will need the following information to configuring collection of IBM Informix logs:

  • The full path to the directory containing the flat files.
  • The LogRhythm System Monitor Agent that will collect the audit logs from the flat file.

Configure IBM Informix

To configure IBM Informix for collection by a LogRhythm Agent:

  1. Go to the /etc subdirectory of your default Informix install directory.
  2. Locate the configuration file onconfig.<databasename>.
    If a database has not been created, find the file onconfig.std file.
  3. Open the file for editing.
  4. Locate the line that begins MSGPATH, which contains the path and file name of the application log for the given database.
  5. Accept the default or modify it to a directory/file name of your choosing. Make note of the full path and file name.
  6. To ensure log messages have a complete date/time stamp, add the following parameter in a new line anywhere in the onconfig file: MSG_DATE 1
  7. Save and close the onconfig file.

After you configure the device, you must also configure LogRhythm according to the instructions provided on the overview page of this guide. Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.

The name of the log message source is Flat File - IBM Informix Application Log. In addition, when configuring this log source:

  • For Log Message Processing Mode, select MPE Processing Enabled, Event Forwarding Enabled.
  • For Log Message Processing Engine (MPE) Policy, select LogRhythm Default.
  • On the Flat File Settings tab, enter the following:
    • File Path. <path to log file, including the file name and extension>
    • Date Parsing Format. Select existing IBM Informix Application Log: <M>/<d>/<y> <h>:<m>:<s>
    • Log Message Start Regex. ^



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close