As Said --> Completed all tasks on SM19 includign filters /clnts whats to be written whats critcal .....

I doubt ,If filter is the catch !--

Any other suggestions?

Once the migration is over --> the jobs are in scheduled status so which are the jobs that need to be relaesed...configuration is done and over with !

Thanks

You need to restart the system for the config to take affect.

Actually you need to restart it twice: 1st to setup the rsau/ params and activate then, and then again after setting up the static profiles and filters.

What do you mean by "jobs"? Are you reading the logs on a central system which is collecting them from remote ones? There are to my knowledge 2 ways of doing this, which are you using?

Cheers,

Julius

George,

I'm not sure if you have done this. But this was MY problem when I was trying to configure Security Audit logs.

There is a Check Box that you need to check when defining the filter. It is called "Filter Active". Make sure that it is checked and then activate the Configuration. See if that helps.

Also, before you do this, deactivate all the configurations and start over.

If not, a few questions.

1. Is it generating anything at all.

2. If you are using a Dynamic configuration, is the status green ?

Kunal

Very good comments Kunal! We have also in the past experienced this. The sequence of the settings and restarts are important for the static stuff, and the dynamic filters are very usefull for testing them in advance.

@ George: It is nice to keep us on our toes, but a bit more detailed information would be more efficient.

Cheers,

Julius

Thank you Sir !

I have been fiddling with this for a while now and just got it working today

@George:

Here is what I was trying to know.

If there are any/some logs generated, then it is probably the size of the logs that is incorrect. But as such, the default size for logs is big enough to at least start the creation of logs. So your configuration is okay.

If the logs are not being generated, then it has to be either the profile parameters or the configuration of the filters or the permissions on the filesystem.

Also, I started with the Dynamic Configuration as Julius suggested. It is much easier to work with and you don't have to restart the system every now and then to see if the changes you make did take effect.

Hope this helps

Kunal

I think George needs to provide more information about whether he is wanting to push the files (a dataset problem?), or whether he wanting to pull them (how his kernel is "mounted" - I believe that is the correct expression).

From a "face-value" security perspective, everyone wants to be on the "pushing" side...

Apologies for the delayed ..DELAYED response.

Well, I have done all that was mentioned in the forum and few other books..no avail.

The BASIS too did just what was suggested !! now the task is withthe BASIS to figure it out..once this is done I shall post the answer.

However the log files begining the actual curtover is present in the system - ie on SM20. Whats missing is the data prior to this date.

Thx

The issue is solved.

The problem was very fundamental ....After the migration the wrong files were loaded into the system hence the data on SM20 was not there..

yesterday This was figured out and the right files were loaded and now all is fine !!

Thanks a million for the support !