IBM DataPower Operations Dashboard v1.0.17.0

A newer version of this product documentation is available.

You are viewing an older version. View latest at IBM DPOD Documentation.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Current »

The Web Console and the Admin Console audit records are written to their log files.

The audit records include the following information:

ValueDescription
Time stampThe time stamp that an action was done.
For example: 05/02/2017 18:18:30,839
Action execution time (ms)The action execution time in milliseconds.
User IP AddressThe IP address of the user that performed the action (for customers over NAT the actual IP may be the NAT service)
User IDThe DPOD logged in user ID that performed the action
ActionThe action description.
For example: addUser(userName=User1)

Enabling Audit Log

To enable audit logging, edit the log4j2 configuration file at /app/ui/MonTier-UI/lib/log4j2.xml or /app/appadmin/MonTier-AppAdmin/lib/log4j2.xml:


1. Add a new appender under <Appenders> element with the following content:

<RollingFile name="AUDIT" fileName="${tomee-log-path}/audit.log" filePattern="${tomee-log-path}/audit.%i.log" append="true" bufferedIO="false" bufferSize="0">
	<PatternLayout> 
		<Pattern>%d{dd/MM/yyyy HH:mm:ss,SSS}- %p %c{1.} [%t] %m %ex%n</Pattern>
	</PatternLayout>
	<Policies>
		<SizeBasedTriggeringPolicy size="5 MB" />
	</Policies>
		<DefaultRolloverStrategy max="10"/>
</RollingFile>


2. Add a new logger under <Loggers> element with the following content:

For Web Console:

<Logger name="org.montier.ui.web.filters.AuditFilter" level="debug" additivity="false">
	<AppenderRef ref="AUDIT"/>
</Logger>

For Admin Console:

<Logger name="org.montier.utils.admin.web.filter.AuditFilter" level="debug" additivity="false">
	<AppenderRef ref="AUDIT"/>
</Logger>

Make sure to restart the UI/AppAdmin service after altering the log4j2 configuration file.

The output log file will be created in the logs directory (/logs/ui or /logs/appadmin) with the name audit.log.

In order to export the audit records to an external system, use file transfer mechanism (scp) to copy the logs off the product's server.

Audit Records Example

05/06/2018 18:18:30,839- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   51    192.168.65.190  admin           getSystemParameters()  
05/06/2018 18:18:34,183- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()
05/06/2018 18:18:46,277- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   40    192.168.65.190  admin           addUser(userName=User1)
05/06/2018 18:18:46,304- DEBUG o.m.u.w.f.AuditFilter [ajp-bio-8070-exec-1]   8     192.168.65.190  admin           getUsers()
  • No labels