Show Table of Contents
2.5.3. Configuring Audit Logging
Audit logging can be configured to print authentication and authorization information for each thread and EJB call.
Important
Logging individual requests is a resource intensive activity. Test the impact this will have on your server and application performance before enabling this level of logging on a production server.
Procedure 2.2. Monitor Server Startup and Shutdown Events
Enable server startup and shutdown events by making the recommended changes to
JBOSS_HOME/server/production/conf/jboss-log4j.xml
Uncomment Security Audit Appender
Uncomment the following block.<!-- Security AUDIT Appender --> <appender name="AUDIT" class="org.jboss.logging.appender.DailyRollingFileAppender"> <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/> <param name="File" value="${jboss.server.log.dir}/audit.log"/> <param name="Append" value="true"/> <param name="DatePattern" value="'.'yyyy-MM-dd"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %-5p [%c] (%t:%x) %m%n"/> </layout> </appender>Uncomment Security Audit Provider
Uncomment the following block:<!-- Category specifically for Security Audit Provider --> <category name="org.jboss.security.audit.providers.LogAuditProvider" additivity="false"> <priority value="TRACE"/> <appender-ref ref="AUDIT"/> </category>
Configure SecurityInterceptor logging level
Set the logging level of theSecurityInterceptorclass toTRACEby adding the <priority> element to the root <category> element.<category name="org.jboss.ejb.plugins.SecurityInterceptor"> <priority value="TRACE" /> <appender-ref ref="AUDIT" /> </category>
Enable logging for ServerImpl log messages
Set the priority and appender-ref levels for the Microcontainer bootstrap by adding the <category> block as specified.<category name="org.jboss.bootstrap.microcontainer"> <priority value="INFO"/> <appender-ref ref="AUDIT"/> </category>
Enable logging for web-based requests
If you need additional logging for web-based requests, uncomment theAccessLogValveinJBOSS_HOME/server/production/deploy/jbossweb.sar/server.xml.<Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".log" pattern="common" directory="${jboss.server.home.dir}/log" resolveHosts="false" />The access log is saved in thelogdirectory of the server configuration.Update ConversionPattern
Update the ConversionPattern parameter in the appender/layout element to show thread information by replacing the Default Pattern with the Full Pattern:<!--The full pattern: Date MS Priority [Category] (Thread:NDC) Message --> <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.