Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-15472

[GSS](7.1.z) periodic-rotating-file-audit-log / size-rotating-file-audit-log configuration does not persist when file-audit-log is not defined in elytron subsystem

    XMLWordPrintable

Details

    • Hide

      1. Remove the existing "file-audit-log"

      [standalone@localhost:9990 /] /subsystem=elytron/file-audit-log=local-audit:remove

      2. Reload (or restart) the server:

      [standalone@localhost:9990 /] :reload

      3. Add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log":

      [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:add(path="my_periodic_audit.log",relative-to="jboss.server.log.dir",format=SIMPLE,synchronized=false,suffix=".yyyy-MM-dd-HH")

or

[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:add(path="my_size_audit.log",relative-to="jboss.server.log.dir",format=SIMPLE,synchronized=false,rotate-size="2m",max-backup-index=10)

      4. Confirm the configuration was added correctly:

      [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "success",
    "result" => {
        "format" => "SIMPLE",
        "path" => "my_periodic_audit.log",
        "relative-to" => "jboss.server.log.dir",
        "suffix" => ".yyyy-MM-dd-HH",
        "synchronized" => false
    }
}

or

[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource
{
    "outcome" => "success",
    "result" => {
        "format" => "SIMPLE",
        "max-backup-index" => 10,
        "path" => "my_size_audit.log",
        "relative-to" => "jboss.server.log.dir",
        "rotate-on-boot" => false,
        "rotate-size" => "2m",
        "suffix" => undefined,
        "synchronized" => false
    }
}

      4. However, the configuration does not persist in the configuration file (standalone.xml):

      $ cat standalone/configuration/standalone.xml | grep -e periodic-rotating-file-audit-log -e size-rotating-file-audit-log
// no result

      5. Also, as the configuration does not persist, you will fail to read the resource after reloading (or restarting) the server:

      [standalone@localhost:9990 /] :reload
[standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"periodic-rotating-file-audit-log\" => \"my_periodic_audit_log\")
]' not found",
    "rolled-back" => true
}
[standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0216: Management resource '[
    (\"subsystem\" => \"elytron\"),
    (\"size-rotating-file-audit-log\" => \"my_size_log\")
]' not found",
    "rolled-back" => true
}
      Show
      1. Remove the existing "file-audit-log" [standalone@localhost:9990 /] /subsystem=elytron/file-audit-log=local-audit:remove 2. Reload (or restart) the server: [standalone@localhost:9990 /] :reload 3. Add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log": [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:add(path= "my_periodic_audit.log" ,relative-to= "jboss.server.log.dir" ,format=SIMPLE, synchronized = false ,suffix= ".yyyy-MM-dd-HH" ) or [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:add(path= "my_size_audit.log" ,relative-to= "jboss.server.log.dir" ,format=SIMPLE, synchronized = false ,rotate-size= "2m" ,max-backup-index=10) 4. Confirm the configuration was added correctly: [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource { "outcome" => "success" , "result" => { "format" => "SIMPLE" , "path" => "my_periodic_audit.log" , "relative-to" => "jboss.server.log.dir" , "suffix" => ".yyyy-MM-dd-HH" , " synchronized " => false } } or [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource { "outcome" => "success" , "result" => { "format" => "SIMPLE" , "max-backup-index" => 10, "path" => "my_size_audit.log" , "relative-to" => "jboss.server.log.dir" , "rotate-on-boot" => false , "rotate-size" => "2m" , "suffix" => undefined, " synchronized " => false } } 4. However, the configuration does not persist in the configuration file (standalone.xml): $ cat standalone/configuration/standalone.xml | grep -e periodic-rotating-file-audit-log -e size-rotating-file-audit-log // no result 5. Also, as the configuration does not persist, you will fail to read the resource after reloading (or restarting) the server: [standalone@localhost:9990 /] :reload [standalone@localhost:9990 /] /subsystem=elytron/periodic-rotating-file-audit-log=my_periodic_audit_log:read-resource { "outcome" => "failed" , "failure-description" => "WFLYCTL0216: Management resource '[ (\ "subsystem\" => \ "elytron\" ), (\ "periodic-rotating-file-audit-log\" => \ "my_periodic_audit_log\" ) ]' not found", "rolled-back" => true } [standalone@localhost:9990 /] /subsystem=elytron/size-rotating-file-audit-log=my_size_log:read-resource { "outcome" => "failed" , "failure-description" => "WFLYCTL0216: Management resource '[ (\ "subsystem\" => \ "elytron\" ), (\ "size-rotating-file-audit-log\" => \ "my_size_log\" ) ]' not found", "rolled-back" => true }

    Description

      As described in the EAP 7.1 documentaion, you can add "periodic-rotating-file-audit-log" or "size-rotating-file-audit-log" instead of "file-audit-log" in the elytron subsystem.

      However, "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" configuration does not persist in the configuration file (standalone.xml) and whole "audit-logging" configuration block disapears when "file-audit-log" is not defined in the elytron subsystem.

      Note that, even if you edit the configuration file (standalone.xml) and add "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" instead of "file-audit-log" manually, the "audit-logging" configuration will disappear after any other configuration change happens via CLI. So, it's not possible to configure "periodic-rotating-file-audit-log" / "size-rotating-file-audit-log" in EAP 7.1.

      This issue does not happen with EAP 7.2 Beta and the upstream WildFly 12 or later. I think WFCORE-2882 / JBEAP-11502 is related to this.

      Attachments

        Issue Links

          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-15545 (7.1.z) Upgrade WildFly Core to 3.0.21.Final-redhat-00001

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          links to

          Web Link KCS#3617161

          Activity

            People

              rhn-support-ivassile Ilia Vassilev
              rhn-support-mmiura Masafumi Miura
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: