-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification
2.5.3. Configuring Audit Logging
Audit logging can be configured to print authentication and authorization information for each thread and EJB call.
Important
Logging individual requests is a resource intensive activity. Test the impact this will have on your server and application performance before enabling this level of logging on a production server.
Procedure 2.2. Monitor Server Startup and Shutdown Events
Enable server startup and shutdown events by making the recommended changes to
JBOSS_HOME/server/production/conf/jboss-log4j.xml
Uncomment Security Audit Appender
Uncomment the following block.<!-- Security AUDIT Appender --> <appender name="AUDIT" class="org.jboss.logging.appender.DailyRollingFileAppender"> <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/> <param name="File" value="${jboss.server.log.dir}/audit.log"/> <param name="Append" value="true"/> <param name="DatePattern" value="'.'yyyy-MM-dd"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %-5p [%c] (%t:%x) %m%n"/> </layout> </appender>
Uncomment Security Audit Provider
Uncomment the following block:<!-- Category specifically for Security Audit Provider --> <category name="org.jboss.security.audit.providers.LogAuditProvider" additivity="false"> <priority value="TRACE"/> <appender-ref ref="AUDIT"/> </category>
Configure SecurityInterceptor logging level
Set the logging level of theSecurityInterceptor
class toTRACE
by adding the <priority> element to the root <category> element.<category name="org.jboss.ejb.plugins.SecurityInterceptor"> <priority value="TRACE" /> <appender-ref ref="AUDIT" /> </category>
Enable logging for ServerImpl log messages
Set the priority and appender-ref levels for the Microcontainer bootstrap by adding the <category> block as specified.<category name="org.jboss.bootstrap.microcontainer"> <priority value="INFO"/> <appender-ref ref="AUDIT"/> </category>
Enable logging for web-based requests
If you need additional logging for web-based requests, uncomment theAccessLogValve
inJBOSS_HOME/server/production/deploy/jbossweb.sar/server.xml
.<Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".log" pattern="common" directory="${jboss.server.home.dir}/log" resolveHosts="false" />
The access log is saved in thelog
directory of the server configuration.Update ConversionPattern
Update the ConversionPattern parameter in the appender/layout element to show thread information by replacing the Default Pattern with the Full Pattern:<!--The full pattern: Date MS Priority [Category] (Thread:NDC) Message --> <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>