Versions Compared

Old Version 1

changes.mady.by.user Margaret Boeneke

Saved on

compared with

New Version Current

changes.mady.by.user AgileAdmin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PD and version Rudy

Event logging The AgileAssets system provides a standard, centralized way to record important software and hardware events such as logins, failed logins, access to resources, audit events, and slow transactions. The event logging service records events from various sources and stores them in a single collection which is written to the system log. System management tools can be configured to display and act on these method for administrators to monitor and log events related to the health of the system. Event logging can be configured to write these to the SYSLOG, and then monitoring tools can receive the events.

Events List

  • Security events
    • Invalid Security Principal: When using javax.security.auth.principal to establish a session and the user ID is not valid
    • Invalid SSO Token: The supplied SSO token is not valid
    • OAuth2 authentication failure: An OAuth2 authentication failed
    • OAuth2 token invalid: Either an access token or an authentication code is invalid or expired
    • User login failed: User ID or password is in valid
    • User Login Succeeded: User login
    • User Authentication Success: OAuth2 successfully processed the access token
    • OAuth2 Client Secret generated
    • OAuth2 Token created: Either an authorization code or access token was created
    • Session Expired: A user session expired
    • Invalid Action: The action_id parameter is not recognized
  • Application life cycle events
    • Web Application Startup begin
    • Web Application Startup complete
    • Web Application Startup failed
  • ArcGIS events
    • ArcGIS job succeeded
    • ArcGIS job failed
    • ArcGIS job status URL: Allows the monitor to obtain the status URL (which is on the ArcGIS server)
    • ArcGIS job status: Uses the status URL to report the status
  • Slow Database Query events

Configuration

The underlying code is Log4jSLF4J, so the configuration is in log4j.propertieslogback.xml use the following code to enable the logger:

Code Block
titleLog4j SLF4J Snippet
# Auditable event loggers 
log4j.logger.<logger name="com.agileassetsinc.events=FATAL, mainLogFile

Event Monitoring

" level="INFO"/>

Most system monitoring tools will monitor the system log file for events and you should use . Use the documentation for those products for configuration of the Log4j SLF4j appender. The log4j.properties has an outline of the setup needed to enable this:Use the following example to configure writing to SYSLOG.

Code Block
titleLog4j configuration
log4j.logger.com.agileassetsinc.events=WARN, SYSLOG
#
# Note the following may be needed
#   Add the following lines to rsyslog.conf file
#
#  $ModLoad imudp
#  $UDPServerRun 514
#
# configure Syslog facility appender
log4j.appender.SYSLOG=org.apache.log4j.net.SyslogAppender
log4j.appender.SYSLOG.threshold=WARN
log4j.appender.SYSLOG.syslogHost=<localhost>
log4j.appender.SYSLOG.facility=LOCAL4
log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout
log4j.appender.SYSLOG.layout.conversionPattern=[%p] %c:%L - %m%n

 

 

 

...

 <!-- Sample appender for SYSLOG -->
    <appender name="SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender">
        <syslogHost>localhost</syslogHost>
        <facility>LOCAL0</facility>
        <port>514</port>
        <suffixPattern>[%thread] %logger %msg</suffixPattern>
    </appender>
....
    <logger name="com.agileassetsinc.events" level="INFO">
        <appender-ref ref="SYSLOG"/>
    </logger>