Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-10708

Elytron Audit Logging: rotating-file-audit-log's event timestamp does not contain seconds

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 7.1.0.DR18
    • 7.1.0.DR17
    • Security
    • None
    • Not Required
    • Hide

      These steps could be followed in order to get a few records in Audit Log file:

      1. Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron
      2. (Optionally) Add user via add-user.sh (as Application User)
      3. Start server and deploy war attached to JBEAP-9019 (containing servlet secured with BASIC HTTP auth)
      4. (Optionally) see the format of file-audit-log resource
        1. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
        2. Check JBOSS_HOME/standalone/log/audit.log
      5. Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d)
      6. Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit)
      7. Reload server :reload
      8. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
      9. Check JBOSS_HOME/standalone/log/rotating-audit.log
      Show
      These steps could be followed in order to get a few records in Audit Log file: Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron (Optionally) Add user via add-user.sh (as Application User) Start server and deploy war attached to JBEAP-9019 (containing servlet secured with BASIC HTTP auth) (Optionally) see the format of file-audit-log resource Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/audit.log Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d) Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit) Reload server :reload Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/rotating-audit.log

    Description

      The format of rotating-file-audit-log's timestamp is insufficient. It lacks the information about seconds which might be a problem in an environment with thousands of active users.
      Furthermore the format of timestamp is inconsistent with the file-audit-log.

      file-audit-log:

      2017-05-03 13:44:07

      rotating-file-audit-log:

      5/3/17 1:44 PM

      Suggestions for improvement:
      Use the same format of timestamp in_rotating-file-audit-log_ as is already used in file-audit-log.

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2755 Elytron Audit Logging: rotating-file-audit-log's event timestamp lacks information about seconds

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-10508 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta21

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-9019 Elytron Audit Logging's event timestamp lacks information about seconds

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified

          Activity

            People

              yborgess1@redhat.com Yeray Borges Santana
              jtymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Jan Tymel Jan Tymel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: