Default Audit File Handler (auditFileHandler)
The default implementation of the audit file handler which emits audit events to a text file.
Attribute name | Data type | Default value | Description |
---|---|---|---|
compact | boolean | false | When set to true, the entire audit record, which is in JSON format, will be printed on one line within the audit log. |
eventsRef | List of references to top level auditEvent elements (comma-separated string). | A definition of an audit event and audit outcome to emit an audit record for to an audit log. If no events are specified, then all events and all outcomes will be emitted to the audit log. | |
id | string | A unique configuration ID. | |
logDirectory | Path to a directory | ${server.output.dir}/logs | Location where the audit file log(s) will be written to. If not specified, the audit logs are written to the default log location for the server, WLP_OUTPUT_DIR/serverName/logs. |
maxFileSize | int
Minimum: 0 |
20 | The maximum size, in MB, of each audit file log. |
maxFiles | int
Minimum: 0 |
100 | Maximum number of audit file logs to save before the oldest audit file log is wrapped. If an enforced maximum file size exists, this setting is used to determine how many of each of the logs files are kept. |
- events
Description: A definition of an audit event and audit outcome to emit an audit record for to an audit log. If no events are specified, then all events and all outcomes will be emitted to the audit log.Required: falseData type: Attribute name Data type Default value Description eventName - SECURITY_RESOURCE_ACCESS
- CONFIG_SNAPSHOT
- SECURITY_AUTHN_DELEGATION
- JMX_MBEANS
- JMS
- SECURITY_SESSION_EXPIRY
- SECURITY_SESSION_LOGOUT
- SECURITY_SIGNING
- SECURITY_RUNTIME_KEY
- SECURITY_AUDIT_MGMT
- SECURITY_AUTHZ
- JMX_NOTIFICATION
- SECURITY_ENCRYPTION
- SECURITY_SESSION_LOGIN
- SECURITY_MGMT_KEY
- SECURITY_MEMBER_MGMT
- SECURITY_ROLE_MAPPING
- SECURITY_AUTHN
The unique name of the audit event. For example: SECURITY_AUTHN or SECURITY_AUTHZ. - SECURITY_RESOURCE_ACCESS
- securityResourceAccess
- CONFIG_SNAPSHOT
- configSnapshot
- SECURITY_AUTHN_DELEGATION
- securityAuthnDelegation
- JMX_MBEANS
- jmxMbeans
- JMS
- jms
- SECURITY_SESSION_EXPIRY
- securitySessionExpiry
- SECURITY_SESSION_LOGOUT
- securitySessionLogout
- SECURITY_SIGNING
- securitySigning
- SECURITY_RUNTIME_KEY
- securityRuntimeKey
- SECURITY_AUDIT_MGMT
- securityMemberMgmt
- SECURITY_AUTHZ
- securityAuthz
- JMX_NOTIFICATION
- jmxNotification
- SECURITY_ENCRYPTION
- securityEncyption
- SECURITY_SESSION_LOGIN
- securitySessionLogin
- SECURITY_MGMT_KEY
- securityMgmtKey
- SECURITY_MEMBER_MGMT
- securityMemberMgmt
- SECURITY_ROLE_MAPPING
- securityRoleMapping
- SECURITY_AUTHN
- securityAuthn
id string A unique configuration ID. outcome - SUCCESS
- DENIED
- WARNING
- REDIRECT
- ERROR
- INFO
- FAILURE
Defines the outcome for an audit event to gather and report. For example: SUCCESS, FAILURE, or DENIED. If no outcome is specified, then all outcomes for the particular audit event are emitted to the audit.log. - SUCCESS
- success
- DENIED
- denied
- WARNING
- warning
- REDIRECT
- redirect
- ERROR
- error
- INFO
- info
- FAILURE
- failure