Management audit log - SSO
- John Jellema
The management audit log records every add, change and delete action made by all users of the Ubisecure SSO Management application.
Example logs are shown:
|
|---|
| Figure 1: Management Audit Log – a new user has been added by user Administrator at 16:56 on 16.02.2012 |
|
|---|
| Figure 2: Management Audit Log – the user Conor McDonald has been deleted by user Administrator at 16:59 on 16.02.2012. |
|
|---|
| Figure 3: Management Audit Log – the settings for an Agent has been changed by user Administrator at 16:26 on 16.02.2012. |
Enabling management audit logging
Management audit log is disabled by default.
If you have a SSO cluster installation you need to configure both nodes in the same way.
Enabling in logger configuration
In order to start creating Management audit log events, you need to edit the logger configuration file which resides in the following location in the default installation:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\logging\include-logback.xml
Linux:
/usr/local/ubisecure/ubilogin-sso/ubilogin/custom/logging/include-logback.xml
To enable Management audit log please modify the level for com.ubisecure.ubilogin.management logger from OFF to INFO:
<!-- (6) SSO management audit log. -->
<!-- Set the level to INFO if you desire to have SSO Management audit file log -->
<logger name="com.ubisecure.ubilogin.management" level="INFO">
<appender-ref ref="MANAGEMENT_AUDIT_FILE" />
</logger>
Details about the logger configuration in Understanding SSO logger configuration.
Enabling in Log Viewer
Edit the following file with a text editor to enable the log in the Log Viewer:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\logviewer\WEB-INF\filesource.properties
Linux:
/usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/logviewer/WEB-INF/filesource.properties
Add the following section, modifying XX to a unique sequential number
# UAS Management Audit Log logsource.FileSource.filetype.XX.name = Management Audit logsource.FileSource.filetype.XX.type = text logsource.FileSource.filetype.XX.path = C\:\\Program Files\\Ubisecure\\ubilogin-sso\\ubilogin/logs logsource.FileSource.filetype.XX.filename = management_audit.%YYYY-%MM-%DD.log
Redeploy and restart
To apply configuration changes please redeploy and restart the Ubisecure SSO by executing:
Windows:
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\update.cmd
Linux:
/usr/local/ubisecure/ubilogin-sso/ubilogin/config/tomcat/update.sh