You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Event logging provides a standard, centralized way to record important software and hardware events such as logins, failed logins, access to resources, audit events, and slow transactions. The event logging service records events from various sources and stores them in a single collection which is written to the system log. System management tools can be configured to display and act on these events.

Events List

  • Security events
    • Invalid Security Principal: When using javax.security.auth.principal to establish a session and the user ID is not valid
    • Invalid SSO Token: The supplied SSO token is not valid
    • OAuth2 authentication failure: An OAuth2 authentication failed
    • OAuth2 token invalid: Either an access token or an authentication code is invalid or expired
    • User login failed: User ID or password is in valid
    • User Login Succeeded: User login
    • User Authentication Success: OAuth2 successfully processed the access token
    • OAuth2 Client Secret generated
    • OAuth2 Token created: Either an authorization code or access token was created
    • Session Expired: A user session expired
    • Invalid Action: The action_id parameter is not recognized
  • Application life cycle events
    • Web Application Startup begin
    • Web Application Startup complete
    • Web Application Startup failed
  • ArcGIS events
    • ArcGIS job succeeded
    • ArcGIS job failed
    • ArcGIS job status URL: Allows the monitor to obtain the status URL (which is on the ArcGIS server)
    • ArcGIS job status: Uses the status URL to report the status
  • Slow Database Query events

Configuration

The underlying code is Log4j, so the configuration is in log4j.properties:

Log4j Snippet
# Auditable event loggers 
log4j.logger.com.agileassetsinc.events=FATAL, mainLogFile

Event Monitoring

Most system monitoring tools will monitor the system log file for events and you should use the documentation for those products for configuration of the Log4j appender. The log4j.properties has an outline of the setup needed to enable this:

Log4j configuration
log4j.logger.com.agileassetsinc.events=WARN, SYSLOG
#
# Note the following may be needed
#   Add the following lines to rsyslog.conf file
#
#  $ModLoad imudp
#  $UDPServerRun 514
#
# configure Syslog facility appender
log4j.appender.SYSLOG=org.apache.log4j.net.SyslogAppender
log4j.appender.SYSLOG.threshold=WARN
log4j.appender.SYSLOG.syslogHost=<localhost>
log4j.appender.SYSLOG.facility=LOCAL4
log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout
log4j.appender.SYSLOG.layout.conversionPattern=[%p] %c:%L - %m%n

 

 

 

 

  • No labels