2.5.3. Configuring Audit Logging
Audit logging can be configured to print authentication and authorization information for each thread and EJB call.
Important
Logging individual requests is a resource intensive activity. Test the impact this will have on your server and application performance before enabling this level of logging on a production server.
Procedure 2.2. Monitor Server Startup and Shutdown Events
Enable server startup and shutdown events by making the recommended changes to
JBOSS_HOME/server/production/conf/jboss-log4j.xml
Uncomment Security Audit Appender
Uncomment the following block.<!-- Security AUDIT Appender --> <appender name="AUDIT" class="org.jboss.logging.appender.DailyRollingFileAppender"> <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/> <param name="File" value="${jboss.server.log.dir}/audit.log"/> <param name="Append" value="true"/> <param name="DatePattern" value="'.'yyyy-MM-dd"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %-5p [%c] (%t:%x) %m%n"/> </layout> </appender>
Uncomment Security Audit Provider
Uncomment the following block:<!-- Category specifically for Security Audit Provider --> <category name="org.jboss.security.audit.providers.LogAuditProvider" additivity="false"> <priority value="TRACE"/> <appender-ref ref="AUDIT"/> </category>
Configure SecurityInterceptor logging level
Set the logging level of theSecurityInterceptor
class toTRACE
by adding the <priority> element to the root <category> element.<category name="org.jboss.ejb.plugins.SecurityInterceptor"> <priority value="TRACE" /> <appender-ref ref="AUDIT" /> </category>
Enable logging for ServerImpl log messages
Set the priority and appender-ref levels for the Microcontainer bootstrap by adding the <category> block as specified.<category name="org.jboss.bootstrap.microcontainer"> <priority value="INFO"/> <appender-ref ref="AUDIT"/> </category>
Enable logging for web-based requests
If you need additional logging for web-based requests, uncomment theAccessLogValve
inJBOSS_HOME/server/production/deploy/jbossweb.sar/server.xml
.<Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".log" pattern="common" directory="${jboss.server.home.dir}/log" resolveHosts="false" />
The access log is saved in thelog
directory of the server configuration.Update ConversionPattern
Update the ConversionPattern parameter in the appender/layout element to show thread information by replacing the Default Pattern with the Full Pattern:<!--The full pattern: Date MS Priority [Category] (Thread:NDC) Message --> <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>