Versions Compared

Version Old Version 4 New Version Current
Changes made by

Shachar Greenberg

Avi Falah

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Web Console and the Admin Console audit records are written to the product's  UI componenttheir log files.

The audit records include the following information:

ValueDescription
Time stampThe time stamp that an action was done.
Example

For example: 05/02/2017 18:18:30,839
Action execution time (ms)The action execution time in
mili seconds
milliseconds.
User IP AddressThe IP address of the user that
perform
performed the action (
For
for customers over NAT the actual IP may be the NAT service)
User IDThe DPOD logged in user ID that performed the action
ActionThe action description.
Example

For example: addUser(userName=User1)

Enabling Audit Log

Audit

...

To enable audit logging edit the UI service log4j configuration file : /app/ui/MonTier-UI/lib/log4j2.xml

Change the "AUDIT" appender as describe below :logs are enabled on DPOD by default.

To disable or enables this logs follow the steps above and restart UI and Admin consoles using Command Line Interfacer (CLI).

Note

In order to export the audit records to an external system, use file transfer mechanism (scp) to copy the logs off the product's server.

Enable Audit Logs

Code Block
languagexmlbash
themeRDark
<RollingFile name="AUDIT" fileName="${tomee-log-path}/audit.log" filePattern="${tomee-log-path}/audit.%i.log" append="true" bufferedIO="false" bufferSize="0">
	<PatternLayout> 
		<Pattern>%d{dd/MM/yyyy HH:mm:ss,SSS}- %p %c{1.} [%t] %m %ex%n</Pattern>
	</PatternLayout>
	<Policies>
		<SizeBasedTriggeringPolicy size="5 MB" />
	</Policies>
		<DefaultRolloverStrategy max="10"/>
</RollingFile>

Change the "org.montier.ui.web.filters.AuditFilter" logger to level="debug" as describe below :

Code Block
languagexml
themeRDark
<Logger name="org.montier.ui.web.filters.AuditFilter" level="debug" additivity="false">
	<AppenderRef ref="AUDIT"/>
</Logger>

Make sure to restart the UI service after altering the log4j configuration file.

The output log file will be created in the UI service log directory : /logs/ui with the name audit.log

...

sed -i 's/^export OD_AUDIT_LOG_LEVEL=.*/export OD_AUDIT_LOG_LEVEL="info"/g' /etc/init.d/MonTier-UI
sed -i 's/^export OD_AUDIT_LOG_LEVEL=.*/export OD_AUDIT_LOG_LEVEL="info"/g' /etc/init.d/MonTier-AppAdmin

Disable Audit Logs

Code Block
languagebash
themeRDark
sed -i 's/^export OD_AUDIT_LOG_LEVEL=.*/export OD_AUDIT_LOG_LEVEL="error"/g' /etc/init.d/MonTier-UI
sed -i 's/^export OD_AUDIT_LOG_LEVEL=.*/export OD_AUDIT_LOG_LEVEL="error"/g' /etc/init.d/MonTier-AppAdmin

Audit Records Example

Code Block
languagexml
themeRDark
05/06/2018 18:18:30,839- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   51    192.168.65.190  admin           getSystemParameters()  
05/06/2018 18:18:34,183- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()
05/06/2018 18:18:46,277- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   40    192.168.65.190  admin           addUser(userName=User1)
05/06/2018 18:18:46,304- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()
Note
In order to export the audit records use file transfer mechanism 
(
scp
)
to copy the logs off the product's server.