The Web Console and the Admin Console audit records are written to their log files.
The audit records include the following information:
Value | Description |
---|---|
Time stamp | The time stamp that an action was done. For example: 05/02/2017 18:18:30,839 |
Action execution time (ms) | The action execution time in milliseconds. |
User IP Address | The IP address of the user that performed the action (for customers over NAT the actual IP may be the NAT service) |
User ID | The DPOD logged in user ID that performed the action |
Action | The action description. For example: addUser(userName=User1) |
Enabling Audit Log
To enable audit logging, edit the log4j2 configuration file at /app/ui/MonTier-UI/lib/log4j2.xml or /app/appadmin/MonTier-AppAdmin/lib/log4j2.xml:
1. Add a new appender under <Appenders> element with the following content:
Code Block | ||||
---|---|---|---|---|
| ||||
<RollingFile name="AUDIT" fileName="${tomee-log-path}/audit.log" filePattern="${tomee-log-path}/audit.%i.log" append="true" bufferedIO="false" bufferSize="0"> <PatternLayout> <Pattern>%d{dd/MM/yyyy HH:mm:ss,SSS}- %p %c{1.} [%t] %m %ex%n</Pattern> </PatternLayout> <Policies> <SizeBasedTriggeringPolicy size="5 MB" /> </Policies> <DefaultRolloverStrategy max="10"/> </RollingFile> |
2. Add a new logger under <Loggers> element with the following content:
For Web Console:
Code Block | ||||
---|---|---|---|---|
| ||||
<Logger name="org.montier.ui.web.filters.AuditFilter" level="debug" additivity="false"> <AppenderRef ref="AUDIT"/> </Logger> |
For Admin Console:
Code Block | ||||
---|---|---|---|---|
| ||||
<Logger name="org.montier.utils.admin.web.filter.AuditFilter" level="debug" additivity="false"> <AppenderRef ref="AUDIT"/> </Logger> |
Make sure to restart the UI/AppAdmin service after altering the log4j2 configuration file.
The output log file will be created in the logs directory (/logs/ui or /logs/appadmin) with the name audit.log.
Note |
---|
In order to export the audit records to an external system, use file transfer mechanism (scp) to copy the logs off the product's server. |
Audit Records Example
Code Block | ||||
---|---|---|---|---|
| ||||
05/06/2018 18:18:30,839- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 51 192.168.65.190 admin getSystemParameters() 05/06/2018 18:18:34,183- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 8 192.168.65.190 admin getUsers() 05/06/2018 18:18:46,277- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 40 192.168.65.190 admin addUser(userName=User1) 05/06/2018 18:18:46,304- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 8 192.168.65.190 admin getUsers() |