Versions Compared

Old Version 7

changes.mady.by.user Amit Munwes

Saved on

compared with

New Version 8

changes.mady.by.user Amit Munwes

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Web Console and the Admin Console audit records are written to their log files.

The audit records include the following information:

ValueDescription
Time stampThe time stamp that an action was done.
For example: 05/02/2017 18:18:30,839
Action execution time (ms)The action execution time in milliseconds.
User IP AddressThe IP address of the user that performed the action (for customers over NAT the actual IP may be the NAT service)
User IDThe DPOD logged in user ID that performed the action
ActionThe action description.
For example: addUser(userName=User1)

Enabling Audit Log

To enable audit logging, edit the log4j2 configuration file at /app/ui/MonTier-UI/lib/log4j2.xml or /app/appadmin/MonTier-AppAdmin/lib/log4j2.xml:


1. Add a new appender under <Appenders> element with the following content:

Code Block
languagexml
themeRDark
<RollingFile name="AUDIT" fileName="${tomee-log-path}/audit.log" filePattern="${tomee-log-path}/audit.%i.log" append="true" bufferedIO="false" bufferSize="0">
	<PatternLayout> 
		<Pattern>%d{dd/MM/yyyy HH:mm:ss,SSS}- %p %c{1.} [%t] %m %ex%n</Pattern>
	</PatternLayout>
	<Policies>
		<SizeBasedTriggeringPolicy size="5 MB" />
	</Policies>
		<DefaultRolloverStrategy max="10"/>
</RollingFile>


2. Add a new logger under <Loggers> element with the following content:

For Web Console:

Code Block
languagexml
themeRDark
<Logger name="org.montier.ui.web.filters.AuditFilter" level="debug" additivity="false">
	<AppenderRef ref="AUDIT"/>
</Logger>

For Admin Console:

Code Block
languagexml
themeRDark
<Logger name="org.montier.utils.admin.web.filter.AuditFilter" level="debug" additivity="false">
	<AppenderRef ref="AUDIT"/>
</Logger>


Make sure to restart the UI/AppAdmin service after altering the log4j2 configuration file.

The output log file will be created in the logs directory (/logs/ui or /logs/appadmin) with the name audit.log.


Note

In order to export the audit records to an external system, use file transfer mechanism (scp) to copy the logs off the product's server.


Audit Records Example

Code Block
languagexml
themeRDark
05/06/2018 18:18:30,839- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   51    192.168.65.190  admin           getSystemParameters()  
05/06/2018 18:18:34,183- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()
05/06/2018 18:18:46,277- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   40    192.168.65.190  admin           addUser(userName=User1)
05/06/2018 18:18:46,304- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()