Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-15472

[GSS](7.1.z) periodic-rotating-file-audit-log / size-rotating-file-audit-log configuration does not persist when file-audit-log is not defined in elytron subsystem

XMLWordPrintable

    • Hide

      1. Remove the existing "file-audit-log"

      [standalone@localhost:9990 /] /subsystem=elytron/file-audit-log=local-audit:remove

      2. Reload (or restart) the server:

      [standalone@localhost:9990 /] :reload

      3. Add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log":

      [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:add(path="my_periodic_audit.log",relative-to="jboss.server.log.dir",format=SIMPLE,synchronized=false,suffix=".yyyy-MM-dd-HH")

or

[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:add(path="my_size_audit.log",relative-to="jboss.server.log.dir",format=SIMPLE,synchronized=false,rotate-size="2m",max-backup-index=10)

      4. Confirm the configuration was added correctly:

      [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "success",
    "result" => {
        "format" => "SIMPLE",
        "path" => "my_periodic_audit.log",
        "relative-to" => "jboss.server.log.dir",
        "suffix" => ".yyyy-MM-dd-HH",
        "synchronized" => false
    }
}

or

[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource
{
    "outcome" => "success",
    "result" => {
        "format" => "SIMPLE",
        "max-backup-index" => 10,
        "path" => "my_size_audit.log",
        "relative-to" => "jboss.server.log.dir",
        "rotate-on-boot" => false,
        "rotate-size" => "2m",
        "suffix" => undefined,
        "synchronized" => false
    }
}

      4. However, the configuration does not persist in the configuration file (standalone.xml):

      $ cat standalone/configuration/standalone.xml | grep -e periodic-rotating-file-audit-log -e size-rotating-file-audit-log
// no result

      5. Also, as the configuration does not persist, you will fail to read the resource after reloading (or restarting) the server:

      [standalone@localhost:9990 /] :reload
[standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"periodic-rotating-file-audit-log\" => \"my_periodic_audit_log\")
]' not found",
    "rolled-back" => true
}
[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"size-rotating-file-audit-log\" => \"my_size_log\")
]' not found",
    "rolled-back" => true
}
      Show
      1. Remove the existing "file-audit-log" [standalone@localhost:9990 /] /subsystem=elytron/file-audit-log=local-audit:remove 2. Reload (or restart) the server: [standalone@localhost:9990 /] :reload 3. Add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log": [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:add(path= "my_periodic_audit.log" ,relative-to= "jboss.server.log.dir" ,format=SIMPLE, synchronized = false ,suffix= ".yyyy-MM-dd-HH" ) or [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:add(path= "my_size_audit.log" ,relative-to= "jboss.server.log.dir" ,format=SIMPLE, synchronized = false ,rotate-size= "2m" ,max-backup-index=10) 4. Confirm the configuration was added correctly: [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource { "outcome" => "success" , "result" => { "format" => "SIMPLE" , "path" => "my_periodic_audit.log" , "relative-to" => "jboss.server.log.dir" , "suffix" => ".yyyy-MM-dd-HH" , " synchronized " => false } } or [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource { "outcome" => "success" , "result" => { "format" => "SIMPLE" , "max-backup-index" => 10, "path" => "my_size_audit.log" , "relative-to" => "jboss.server.log.dir" , "rotate-on-boot" => false , "rotate-size" => "2m" , "suffix" => undefined, " synchronized " => false } } 4. However, the configuration does not persist in the configuration file (standalone.xml): $ cat standalone/configuration/standalone.xml | grep -e periodic-rotating-file-audit-log -e size-rotating-file-audit-log // no result 5. Also, as the configuration does not persist, you will fail to read the resource after reloading (or restarting) the server: [standalone@localhost:9990 /] :reload [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource { "outcome" => "failed" , "failure-description" => "WFLYCTL0216: Management resource '[ (\ "subsystem\" => \ "elytron\" ), (\ "periodic-rotating-file-audit-log\" => \ "my_periodic_audit_log\" ) ]' not found", "rolled-back" => true } [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource { "outcome" => "failed" , "failure-description" => "WFLYCTL0216: Management resource '[ (\ "subsystem\" => \ "elytron\" ), (\ "size-rotating-file-audit-log\" => \ "my_size_log\" ) ]' not found", "rolled-back" => true }

      As described in the EAP 7.1 documentaion, you can add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log" instead of "file-audit-log" in the elytron subsystem.

      However, "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" configuration does not persist in the configuration file (standalone.xml) and whole "audit-logging" configuration block disapears when "file-audit-log" is not defined in the elytron subsystem.

      Note that, even if you edit the configuration file (standalone.xml) and add "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" instead of "file-audit-log" manually, the "audit-logging" configuration will disappear after any other configuration change happens via CLI. So, it's not possible to configure "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" in EAP 7.1.

      This issue does not happen with EAP 7.2 Beta and the upstream WildFly 12 or later. I think WFCORE-2882 / JBEAP-11502 is related to this.

            rhn-support-ivassile Ilia Vassilev
            rhn-support-mmiura Masafumi Miura
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: