Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-2755

Elytron Audit Logging: rotating-file-audit-log's event timestamp lacks information about seconds

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 3.0.0.Beta18
    • None
    • Security
    • None
    • Hide

      These steps could be followed in order to get a few records in Audit Log file:

      1. Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron
      2. (Optionally) Add user via add-user.sh (as Application User)
      3. Start server and deploy war attached to WFCORE-2625 (containing servlet secured with BASIC HTTP auth)
      4. (Optionally) see the format of file-audit-log resource
        1. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
        2. Check JBOSS_HOME/standalone/log/audit.log
      5. Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d)
      6. Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit)
      7. Reload server :reload
      8. Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password
      9. Check JBOSS_HOME/standalone/log/rotating-audit.log
      Show
      These steps could be followed in order to get a few records in Audit Log file: Follow steps Configure Elytron (default profile) in blog post in order to change default configuration to Elytron (Optionally) Add user via add-user.sh (as Application User) Start server and deploy war attached to WFCORE-2625 (containing servlet secured with BASIC HTTP auth) (Optionally) see the format of file-audit-log resource Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/audit.log Add rotating-file-audit-log /subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,relative-to=jboss.server.log.dir,suffix=y-M-d) Use added security-event-listener in ApplicationDomain /subsystem=elytron/security-domain=ApplicationDomain:write-attribute(name=security-event-listener,value=rotating-audit) Reload server :reload Access http://127.0.0.1:8080/protected/printRoles in a browser and fill in username and password Check JBOSS_HOME/standalone/log/rotating-audit.log

      The format of rotating-file-audit-log's timestamp is insufficient. It lacks the information about seconds which might be a problem in an environment with thousands of active users.
      Furthermore the format of timestamp is inconsistent with the file-audit-log.

      file-audit-log:

      2017-05-03 13:44:07

      rotating-file-audit-log:

      5/3/17 1:44 PM

      Suggestions for improvement:
      Use the same format of timestamp in_rotating-file-audit-log_ as is already used in file-audit-log.

              yborgess1@redhat.com Yeray Borges Santana
              jtymel Jan Tymel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: