Audit logging features -- WP7

IBM WebSphere Portal provides out of the box auditing features that allows users to log certain events and their originators into a separate log file.

These logging events are organized into following groups to enable/disable at group level instead of individual events.
1.       audit.groupEvents.enable
2.       audit.userEvents.enable
3.       audit.portletEvents.enable
4.       audit.roleEvents.enable
5.       audit.roleBlockEvents.enable
6.       audit.ownerEvents.enable
7.       audit.resourceEvents.enable
8.       audit.externalizationEvents.enable
9.       audit.userInGroupEvents.enable
10.   audit.webModuleEvents.enable
11.   audit.applicationRoleEvents.enable
12.   audit.principalToApplicationRoleMappingEvents.enable audit.roleToApplicationRoleMappingEvents.enable
13.   audit.domainAdminDataEvents.enable
14.   audit.designerDeployServiceEvents.enable

By default the audit logging service is disabled and default value for all of above settings is false.  

To enable the audit logging service , was admin consoleà Resourcesà Resource Environment Providerà WP_AuditServiceà custom properties

“audit.service.enable” to “true” and also need to enable required group of events.

By default audit service uses the following logging implementation class and audit logging output is written to the following audit log file (IBM\WebSphere\wp_profile\log\audit_2012.01.01-19.43.54.log). No other log messages are written to this file.

audit.logging.class = com.ibm.wps.audit.logging.impl.AuditLoggingImpl
audit.logFileName = log/audit_$create_time.log


ClickHere for the complete list of logging events and configuration service property details

Sample Audit Log statements

1.       Sample Page Creation log
[01/01/12 19:52:11:484 CST] I Audit 00000134e95d450700000001000000f984df05f13bcb4a3c301dc266f45a9d147fb3862000000134e95d450700000001000000f984df05f13bcb4a3c301dc266f45a9d147fb3862000000001 EJPSN0014I: User [uid=wpsadmin,o=defaultWIMFileBasedRealm] has created a Resource for ObjectID = [Z6_AoS11VAVH400NH70I5NKANU81001/null] and Name = (Name not set)

IT contains transactionID, userID , and objectID that’s been created.

2.       Added “all authenticated portal users” to “privileged user “ role on above page
[01/16/12 20:03:00:093 CST] I Audit 00000134e9672b0600000001000001f884df05f13bcb4a3c301dc266f45a9d147fb3862000000134e9672b0600000001000001f884df05f13bcb4a3c301dc266f45a9d147fb3862000000001 EJPSN0010I: User [uid=wpsadmin,o=defaultWIMFileBasedRealm] has assigned the Role with Name = Privileged User, Alias = (null) and ObjectID = [Z6_AoS11VAVH400NH70I5NKANU81001/null], affecting ActionSet [Privileged User], to the following principals: (all authenticated portal users)


Resources

No comments:

Post a Comment