The Web Console and the Admin Console audit records are written to the product's UI componenttheir log files.
The audit records include the following information:
Value | Description |
---|
Time stamp | The time stamp that an action was done. |
Example For example: 05/02/2017 18:18:30,839 |
Action execution time (ms) | The action execution time in |
mili secondsmilliseconds. |
User IP Address | The IP address of the user that |
perform .(for customers over NAT the actual IP may be the NAT service) |
User ID | The DPOD logged in user ID that performed the action |
Action | The action description. |
Example For example: addUser(userName=User1) |
Enabling Audit Log
To enable audit logging, edit the UI service log4j log4j2 configuration file : at /app/ui/MonTier-UI/lib/log4j2.xml or /app/appadmin/MonTier-AppAdmin/lib/log4j2.xmlChange the "org.montier" logger to level="debug" as describe below :
1. Add a new appender under <Appenders> element with the following content:
Code Block |
---|
|
<RollingFile name="AUDIT" fileName="${tomee-log-path}/audit.log" filePattern="${tomee-log-path}/audit.%i.log" append="true" bufferedIO="false" bufferSize="0">
<PatternLayout>
<Pattern>%d{dd/MM/yyyy HH:mm:ss,SSS}- %p %c{1.} [%t] %m %ex%n</Pattern>
</PatternLayout>
<Policies>
<SizeBasedTriggeringPolicy size="5 MB" />
</Policies>
<DefaultRolloverStrategy max="10"/>
</RollingFile> |
2. Add a new logger under <Loggers> element with the following content:
Code Block |
---|
|
<Logger name="org.montier.common.utils.web.filter.AbstractAuditFilter" level="debug" additivity="false">
<AppenderRef ref="MONTIERAUDIT"/>
<AppenderRef ref="CATALINA"/>
</Logger> |
Make sure to restart 3. Restart the UI service /AppAdmin services after altering the log4j log4j2 configuration filefiles.
The output log file will be created in the UI service log logs directory : (/logs/ui or /logs/appadmin) with the name catalinaaudit.log.
...
In order to export the audit records to an external system, use file transfer mechanism (scp) to copy the logs off the product's server. |
Audit Records Example
Code Block |
---|
|
05/06/2018 18:18:30,839- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 51 192.168.65.190 admin getSystemParameters()
05/06/2018 18:18:34,183- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 8 192.168.65.190 admin getUsers()
05/06/2018 18:18:46,277- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 40 192.168.65.190 admin addUser(userName=User1)
05/06/2018 18:18:46,304- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1] 8 192.168.65.190 admin getUsers() |
Note |
---|
In order to export the audit records use file transfer mechanism ( scp) to copy the logs off the product's server. |