The management audit log records every add, change and delete action made by all users of the Ubisecure SSO Management application.
Example logs are shown:
...
Enabling management audit logging
Management Audit Log audit log is disabled by default.To enable Management Audit Log please edit the configuration file (logback.xml replacing log4j.properties since SSO 9.1)
Configuring via logback.xml file (SSO >= 9.1)
...
| Note |
|---|
If you have a SSO cluster installation you need to configure both nodes in the same way. |
Enabling in logger configuration
In order to start creating Management audit log events, you need to edit the logger configuration file which resides in the following location in the default installation:
Windows:
| Code Block | ||
|---|---|---|
| ||
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\logging\include-logback.xml |
Linux:
| Code Block | ||
|---|---|---|
| ||
/usr/local/ubisecure/ubilogin-sso/ubilogin/custom/logging/include-logback.xml |
...
To enable Management
...
audit log please modify the level for com.ubisecure.ubilogin.management logger from OFF to INFO:
| Code Block |
|---|
<configuration> ... <logger name="com.ubisecure.ubilogin.management" level="INFO"> <appender-ref ref="MANAGEMENT_AUDIT_FILE"/> </logger> ... </configuration> |
The pattern and appender configuration for this logger is configured by default to:
| Code Block |
|---|
<configuration> ... <property name="MANAGEMENT_AUDIT_LOG_PATTERN" value="%d{'yyyy-MM-dd HH:mm:ss,SSS'} %msg %diagex%nopex%n" /> ... <appender name="MANAGEMENT_AUDIT_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> <encoder class="ch.qos.logback.classic.PatternLayout <!-- (6) SSO management audit log. --> <!-- Set the level to INFO if you desire to have SSO Management audit file log --> <logger name="com.ubisecure.ubilogin.management" level="INFO"> <pattern>${<appender-ref ref="MANAGEMENT_AUDIT_LOG_PATTERN}</pattern> </encoder> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> <fileNamePattern>${LOG_FOLDER}/management_audit.%d{yyyy-MM-dd}.log</fileNamePattern> ... FILE" /> </rollingPolicy> </appender> ... </configuration> |
Configuring via log4j.properties file (SSO <= 9.0)
The log4j.properties file should opened with a text editor:
Windows:
| Code Block | ||
|---|---|---|
| ||
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\ubilogin\WEB-INF\log4j.properties |
Linux:
| Code Block | ||
|---|---|---|
| ||
/usr/local/Ubisecure/ubilogin-sso/ubilogin/webapps/ubilogin/WEB-INF/log4j.properties |
...
| Code Block | ||
|---|---|---|
| ||
log4j.logger.com.ubisecure.ubilogin.management = OFF, ManagementAudit |
to
| Code Block | ||
|---|---|---|
| ||
log4j.logger.com.ubisecure.ubilogin.management = INFO, ManagementAuditlogger> |
Details about the logger configuration in Understanding SSO logger configuration.
Enabling in Log Viewer
Edit the following file with a text editor to enable the log in the Log Viewer:
...
| Code Block | ||
|---|---|---|
| ||
/usr/local/Ubisecureubisecure/ubilogin-sso/ubilogin/webapps/logviewer/WEB-INF/filesource.properties |
...
| Code Block | ||
|---|---|---|
| ||
# UAS Management Audit Log
logsource.FileSource.filetype.XX.name = Management Audit
logsource.FileSource.filetype.XX.type = text
logsource.FileSource.filetype.XX.path = C\:\\Program Files\\Ubisecure\\ubilogin-sso\\ubilogin/logs
logsource.FileSource.filetype.XX.filename = management_audit.%YYYY-%MM-%DD.log |
Redeploy and restart
To apply configuration changes please redeploy and restart the Ubisecure SSO by executing:
...
| Code Block | ||
|---|---|---|
| ||
/usr/local/Ubisecureubisecure/ubilogin-sso/ubilogin/webapps/config/tomcat/update.sh |