Security event logging
Security events on a service integration bus are logged as audit or error records in the SystemOut.log file for the bus.
This topic references one or more of the application server log files. As a recommended alternative, we can configure the server to use the High Performance Extensible Logging (HPEL) log and trace infrastructure instead of using SystemOut.log , SystemErr.log, trace.log, and activity.log files on distributed and IBM i systems. We can also use HPEL in conjunction with the native z/OS logging facilities. If we are using HPEL, we can access all of the log and trace information using the LogViewer command-line tool from the server profile bin directory. See the information about using HPEL to troubleshoot applications for more information on using HPEL.
A security event is the outcome of an attempt by a connecting client application to authenticate to a bus. There are two possible outcomes: authentication success, and authentication failure. Success is logged as an audit record, and failure as an error record. We can control the type and number of audit and error records logged for a bus by configuring a custom property for the bus, in the console. The property is a name-value pair called audit.bus.authentication that can have one of the following three string values:
- all
- Audit every attempt to authenticate to the bus.
- failure
- Audit only failure to authenticate to the bus.
- none
- Do not audit any attempt to authenticate to the bus.
Related concepts
Loggers
Related tasks
Configure bus properties Use High Performance Extensible Logging to troubleshoot applications