Security auditing provides tracking and archiving of auditable
events. This topic uses the wsadmin tool to enable and administer
your security auditing configurations.
About this task
While security authentication and authorization ensures that
users must have access to view protected resources, security auditing
provides a mechanism to validate the integrity of a security computing
environment. Security auditing collects and logs authentication, authorization,
system management, security, and audit policy events in audit event
records. You can analyze audit event records to determine possible
security breaches, threats, attacks, and potential weaknesses in the
security configuration of your environment. Enable security auditing
in your environment. For example, the following list displays a sample
of events to audit:
- Determine the time that a specific user attempted to access a
resource.
- View information for successful and unsuccessful attempts to access
resources.
- Review changes to resources that were made by a specific user.
- Determine the cause of unsuccessful login attempts.
Use the following task outline to enable and configure security
auditing in your environment:
What to do next
To further configure security auditing, you can: