We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Post your ideas
Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the IBM team to refine your idea
Help IBM prioritize your ideas and requests
The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The product management team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.
Receive notification on the decision
Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.
syslog support for informix audit logging. or an easier mechanism to forward logs in the shortterm
We will prefer a syslog compliant logging or in the short-term an easier interface for forwarding logs (audit logs) to a centralized system. There is a new PCI/PA-DSS requirement for the financial/banking industry. To send all security logging to a centralized server. In the context of informix this means the audit logs. As of now audit logs are written to a specified directory. There is an additional complication, that the logfilename will keep changing at different times. That means any program written to monitor logging and forwarding has to put in logic for detecting the lastest log file, and then forward new entries from it.
The industry standard for these is using a syslog compliant logging. As of now for the reasons mentioned above, meeting this requirement is a very cumbersome process of integration.
We have informix installed on hundreds of client sites, and I would definitely like to see support added in informix for supporting centralized logging.
I am quite sure you are going to hear about similar problems faced by a large number of customer in banking industry, who are trying to meet the new requirement originating from PCI.
In case syslog can
FYI: Oracle support direct sending of logs using syslog facility. This allows for easy integration with a centralized logging server.
Do not place IBM confidential, company confidential, or personal information into any field.