The management audit log records every add, change and delete action made by all users of the Ubisecure SSO Management application.
Example logs are shown:
Figure 1: Management Audit Log – a new user has been added by user Administrator at 16:56 on 16.02.2012 |
Figure 2: Management Audit Log – the user Conor McDonald has been deleted by user Administrator at 16:59 on 16.02.2012. |
Figure 3: Management Audit Log – the settings for an Agent has been changed by user Administrator at 16:26 on 16.02.2012. |
Enabling management audit logging
Management Audit Log is disabled by default.
To enable Management Audit Log please edit the configuration file (logback.xml replacing log4j.properties since SSO 9.0)
Configuring via logback.xml file (SSO 9.x and newer)
The logback.xml file is located in ubilogin customization directory (ubilogin-sso/ubilogin/custom/logging/logback.xml) and contains the configuration of all SSO logging. Learn about Logback configuration file syntax.
To enable Management Audit Log please modify level for com.ubisecure.ubilogin.management
logger from OFF
to INFO
:
<configuration> ... <logger name="com.ubisecure.ubilogin.management" level="INFO"> <appender-ref ref="MANAGEMENT_AUDIT_FILE"/> </logger> ... </configuration>
The pattern and appender configuration for this logger is configured by default to:
<configuration> ... <property name="MANAGEMENT_AUDIT_LOG_PATTERN" value="%d{'yyyy-MM-dd HH:mm:ss,SSS'} %msg %diagex%nopex%n" /> ... <appender name="MANAGEMENT_AUDIT_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> <encoder class="ch.qos.logback.classic.PatternLayout"> <pattern>${MANAGEMENT_AUDIT_LOG_PATTERN}</pattern> </encoder> <!-- >file>management_audit.log</file--> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> <fileNamePattern>${LOG_FOLDER}/management_audit.%d{yyyy-MM-dd}.log</fileNamePattern> ... </rollingPolicy> </appender> ... </configuration>
Configuring via log4j.properties file (SSO 8.x)
The log4j.properties file should opened with a text editor:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\ubilogin\WEB-INF\log4j.properties
Linux:
/usr/local/Ubisecure/ubilogin-sso/ubilogin/webapps/ubilogin/WEB-INF/log4j.properties
Change the following line from
log4j.logger.com.ubisecure.ubilogin.management = OFF, ManagementAudit
to
log4j.logger.com.ubisecure.ubilogin.management = INFO, ManagementAudit
Enabling in Log Viewer
Edit the following file with a text editor to enable the log in the Log Viewer:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\logviewer\WEB-INF\filesource.properties
Linux:
/usr/local/Ubisecure/ubilogin-sso/ubilogin/webapps/logviewer/WEB-INF/filesource.properties
Add the following section, modifying XX to a unique sequential number
# UAS Management Audit Log logsource.FileSource.filetype.XX.name = Management Audit logsource.FileSource.filetype.XX.type = text logsource.FileSource.filetype.XX.path = C\:\\Program Files\\Ubisecure\\ubilogin-sso\\ubilogin/logs logsource.FileSource.filetype.XX.filename = management_audit.%YYYY-%MM-%DD.log
Redeploy and restart
To apply configuration changes please redeploy and restart the Ubisecure SSO by executing:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\update.cmd
Linux:
/usr/local/Ubisecure/ubilogin-sso/ubilogin/webapps/config/tomcat/update.sh