Friday, December 19, 2014

How to enable audit logs for WSO2 API-M

Audit logs are not enabled by default in API-M. With IS, by contrast, if you start the server and log in as admin, you will find a file called audit.log under the [IS-HOME]/repository/logs folder.

This is not the case with WSO2 API-M, where audit logging has to be enabled manually in the configuration files. It takes only a few easy steps.

1) Download WSO2 API Manager
2) Then extract it to a folder
3) Open the [API-M HOME]/repository/conf/log4j.properties file and add the following logger configuration for the audit log:

log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE

Then add the following appender configuration:

# Appender config to AUDIT_LOGFILE
log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
log4j.appender.AUDIT_LOGFILE.Append=true
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p - %x %m %n
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.AUDIT_LOGFILE.threshold=INFO
log4j.additivity.AUDIT_LOG=false

4) Save the configurations and start the server

5) TA-DA now you have the audit logs in API-M :)
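
A quick way to confirm the edit in step 3 is complete before restarting the server. This Python check is an added example, not part of the original post or of WSO2's tooling; the names `parse_properties` and `check_audit_config` are hypothetical, and the embedded sample is the configuration from the post.

```python
BLOCKING = ("WARN", "ERROR", "FATAL", "OFF")  # levels that discard INFO events
NEEDED = ("", ".File", ".layout", ".layout.ConversionPattern")

# The configuration from the post, embedded so the check runs offline.
POST_CONFIG = """\
log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE
# Appender config to AUDIT_LOGFILE
log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
log4j.appender.AUDIT_LOGFILE.Append=true
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p - %x %m %n
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.AUDIT_LOGFILE.threshold=INFO
log4j.additivity.AUDIT_LOG=false
"""

def parse_properties(text):
    """Parse log4j 1.x properties text into a dict, skipping comments and blanks."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#!":
            key, sep, value = line.partition("=")
            if sep:
                props[key.strip()] = value.strip()
    return props

def check_audit_config(text, logger="AUDIT_LOG"):
    """Return a list of problems; an empty list means audit logging is wired up."""
    props = parse_properties(text)
    spec = props.get("log4j.logger." + logger)
    if spec is None:
        return ["log4j.logger.%s is not defined" % logger]
    parts = [p.strip() for p in spec.split(",")]
    level, appenders = parts[0], [p for p in parts[1:] if p]
    problems = ["logger level %s drops INFO events" % level] if level.upper() in BLOCKING else []
    if not appenders:
        problems.append("no appender attached to " + logger)
    for name in appenders:
        base = "log4j.appender." + name
        problems += ["missing " + base + s for s in NEEDED if base + s not in props]
        threshold = props.get(base + ".threshold", props.get(base + ".Threshold", "INFO"))
        if threshold.upper() in BLOCKING:
            problems.append("%s threshold %s drops INFO events" % (name, threshold))
    if props.get("log4j.additivity." + logger, "true").lower() != "false":
        problems.append("additivity is not false: audit events also go to the root appenders")
    return problems
```

Pass the contents of [API-M HOME]/repository/conf/log4j.properties to `check_audit_config`; an empty list means the logger, its appender and the additivity setting are all in place.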

1 comment:

Unknown said...

I have an issue customizing audit logs in WSO2. By default, audit logs generated by WSO2 do not have the IP address of the user machine accessing any application (Service Provider). We are using WSO2 for authentication of users for 2 different Service Providers. We have customized only the authenticationendpoint war JSP for login screen changes.
By default, when a user does login/logout, the following log comes in the audit.log file, but it doesn't give the IP address of the user machine from where it performed operations:

[2017-10-10 00:02:58,330] INFO {AUDIT_LOG}- Initiator : facility2.admin@client.com | Action : Login | Target : ApplicationAuthenticationFramework | Data : { "ContextIdentifier" : "3c","AuthenticatedUser" : "facility2.admin@client.com","AuthenticatedUserTenantDomain" : "carbon.super","ServiceProviderName" : "carbon.super","RequestType" : "samlsso","RelyingParty" : "cnsi:sso:test1041","AuthenticatedIdPs" : "ey." } | Result : Success

Looked into the WSO2 documentation, and tried adding mdc.put(host,"1.1.1.1") into basicauth.jsp and a log4j pattern in the log4j.properties file. Now it is not behaving consistently, i.e. sometimes it comes and sometimes it doesn't. Can you please explain what is the correct way and place to do this?

If you are not the correct person for this query, please let me know the correct person for the same. I have also opened a question on Stack Overflow for this.

Please send me a reply at chandhar786@gmail.com
Regards

Ravi Kumar, Software Engineer Edifecs
