Unified Event log

You can use the Unified Event Log for Axidian CertiFlow Linux installations or in multi-server Windows configurations. It allows events from all servers to be recorded in a single, centralized log.

Configure the Unified Event Log using the Axidian CertiFlow Event Log Proxy application.

Axidian CertiFlow Event Log Proxy

The Axidian CertiFlow Event Log Proxy application enables logging events from one or more Axidian CertiFlow servers into a unified Windows Event Log. The Axidian CertiFlow Event Log Proxy can only be installed on a workstation running the Windows OS.

System requirements

To install and configure the Axidian CertiFlow Event Log Proxy:

1. Log in to the workstation as local administrator.

2. Open the Axidian CertiFlow installation package, navigate to the AxidianCertiFlow.Server catalog and run the AxidianCertiFlow.EventLog.Proxy-<version-number>.x64.en-us.msi installation file.

3. In the installation wizard, select an authentication method based on the operating system where the Axidian CertiFlow server is installed, and specify the required settings in the configuration files.

   Windows

   1. Select the Windows authentication method. When the installation is complete, click Finish and close the installation wizard.
   2. Open the web.config file (C:\inetpub\wwwroot\certiflow\eventlogproxy) in Notepad as an administrator.
   3. In the allow users parameter, specify a user account from the domain where the Event Log Proxy is installed. For example, the user catalog service account.
      Example

      <authorization>
           <clear />
           <add accessType="Allow" users="DOMAIN\servicecertiflow" />
      </authorization>
   4. Save and close the web.config file.

   Linux

   1. Select the Certificate authentication method. When the installation is complete, click Finish and close the installation wizard.

   2. Open the appsettings.json file (C:\inetpub\wwwroot\certiflow\eventlogproxy) in Notepad as an administrator.

   3. In the authSettings section, specify the thumbprint of a client certificate of the Axidian CertiFlow server in the allowedCertificateThumbprints parameter.
      Make sure the certificate's Enhanced Key Usage (EKU) field contains the Client Authentication value and the certificate is installed in the Axidian CertiFlow server's certificate store.

      Example

      "authSettings":{
      "authorizeByCertificate": "true",
      "allowedCertificateThumbprints": "aba8b93d73343f2182e3c1c40482b2ae2d75b6ec"
      }

      How to issue a client certificate

   4. Save and close the appsettings.json file.

4. Restart the Axidian CertiFlow Event Log Proxy application pool to apply the changes.

   1. Open the Internet Information Services (IIS) Manager and select Application Pools in the left menu.
   2. Select the Axidian CertiFlow Event Log Proxy application and click Recycle in the right menu.

Configure Axidian CertiFlow to use the Unified Event log

1. Configure connection to the event log in the Configuration Wizard.
2. Test the event log functionality. Go to the Management Console, open the Log section, and search for events.

tip

The log search might return no results if the log on the remote server contains no events. Perform any action in the Axidian CertiFlow web applications. For example, disable a card, add or modify a comment, and then repeat the event search.