Discussion created by MattDeChellis Employee on Feb 12, 2013
Latest reply on Jul 10, 2014 by LRKelly

The tool SMAUDITIMPORT reads a SiteMinder audit data text file and imports it into an ODBC database. The tool is located in the \bin directory under the Policy Server installation directory.
Recently some customers were having problems because delimiters are not configurable in audit logs and the [ ] brackets are allowed characters in the userid and url fields and they are written unescaped to the audit log.
When a customer would try to run smauditimport on the audit log and it would look like the following:

Example : [ data ] [ data[]][data] the imported data is field 1-> data, field 2 -> data[ then there is an extra character "]" in the file.

SMAUDITIMPORT has been enhanced as of 12.0 SP3 CR08 and will now handle the delimiters like [ and ] in the logged fields by added
character escaping for the ‘[‘ ‘]’ and ‘\’ (which will be used as the escaping character).

The escaping will be enabled only if the registry key:

Value type: DWORD VALUE

Value Name: EscapeAuditFields

Value Data: 0 or 1

When set to 1, it enabled. 0 or if the key doesn’t exist then it is disabled and no escaping will occur.