eDirectory has two event caching mechanisms. Each is separate and helps solve one of the challenges outlined above.
Journal Event Cache
Description: this cache applies to ALL journal events: ndstrace, XDAS, NAudit, IDM events, etc. A location on disk can be set to store cached events. This location will be used rather than memory when the number being created becomes greater than the number that can be processed. This cache resides in the NDSD event system and is at a lower layer than the XDAS cache.
Pros: this helps reduce NDSD’s memory footprint by storing those events not yet processed to disk instead.
Cons: consumes additional disk space but compression lowers this requirement. It can also be slower to process the events since they must first be written to then retrieved from disk rather than memory.
Configuration: this cache’s settings are controlled via environment variables set in the ndsd script.
Enables the Journal Event Cache.
Sets the cache directory. Optional, default for Linux is /var/opt/novell/eDirectory/data/ and the dib directory for Windows.
As these are environment variables these are set in the following locations:
– There is no Journal Event cache setting for specifying the size. The Journal cache will use file sizes of 4MB or less while implementing its own compression upon them.
Description: The cache is implemented in the xadauditds layer and is ONLY used when:
1. XDAS specific events are ready to be sent to a remote auditing server.
2. The remote server cannot be reached.
Pros: Prevents the loss of audit event information when a remote audit server cannot be contacted. This cache is only used when required. The events are released once the remote server’s connection is reestablished.
Cons: other than some additional disk space used, none since it is only used if there is a problem.
Configuration: this cache’s settings are controlled via variables set in the xdasconfig.properties file.
Enables the XDAS Cache for storing XDAS events locally.
Optionally specifies the directory to use (/var/opt/novell/eDirectory)
Specifies the maximum file size. Values can be from 50MB to 4GB. The default is 512MB.
can be used together. Consider the following scenario.
a. An XDAS audit event for a login is thrown but its reporting to the consumer is delayed behind other earlier events. The event gets written to the Journal Event Cache.
b. The Journal thread comes along and releases this event from the Journal Cache.
c. The configured remote audit server cannot be contacted. The event goes into the XDAS Cache.
d. The remote server is brought online again. The event is released from the XDAS cache and sent to a remote syslog appender.
More information can be found in the eDirectory Admin Guide found here: https://www.netiq.com/documentation/