Control Center audit logging
The serviced service writes messages to an audit log file on the master host when configuration changes occur on Control Center hosts. The messages record the time, user identity, and information about the change in plain text.
The default location of the serviced audit log file is /var/log/serviced. The location is determined by the SERVICED_LOG_PATH variable in /etc/default/serviced. The log file name is serviced-audit.log.
- serviced.access.log records HTTP/S requests and is always present.
- application-audit.log records application audit messages, and is present only if an application is configured to write audit messages through Control Center. (Zenoss Resource Manager is configured for audit logging through Control Center, Zenoss Core is not.)
- Mount the serviced audit log directory on a larger local or remote file system.
- Modify the logrotate configuration file.
- Forward the log files to a log management application.
- Use a cron job to copy the files to a larger local or remote file system.