WAS v8.5 > Reference > Commands (wsadmin scripting)

AuditNotificationCommands command group for AdminTask

We can use the Jython scripting language to manage the security auditing system with wsadmin. Use the commands and parameters in the AuditNotificationCommands group to manage audit notifications and audit notification monitors.

IBM recommends using the HPEL log and trace infrastructure. With HPEL, one views logs using the LogViewer command-line tool in PROFILE/bin.

Use the following commands to configure your security auditing system notifications:


createAuditNotification

The createAuditNotification command creates an audit notification object in the audit.xml configuration file.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-notificationName

Unique name to assign the audit notification object. (String, required)

-logToSystemOut

Whether the system logs notifications to the SystemOut.log file.(Boolean, required)

-sendEmail

Whether to email security auditing subsystem failure notifications. (Boolean, required)

Optional parameters

-emailList

Email list to send security auditing subsystem failure notifications. (String, optional)

-emailFormat

Email format. Specify HTML for HTML format or TEXT for text format. (String, optional)

Return value

The command returns the shortened reference ID of the new audit notification object, as the following sample output displays:

Interactive mode example usage


createAuditNotificationMonitor

The createAuditNotificationMonitor command creates an audit notification monitor object for the security auditing system. This object monitors the security auditing subsystem for possible failure.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-monitorName

Unique name of the audit notification monitoring object. (String, required)

-notificationRef

Specifies the reference ID of the audit notification object. (String, required)

-enable

Whether to enable the audit notification monitor. (Boolean, required)

Return value

The command returns the shortened form of the reference ID for the audit notification monitor, as the following sample output displays:

Interactive mode example usage


deleteAuditNotification

The deleteAuditNotification command deletes an audit notification object from the audit.xml configuration file.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-notificationRef

Specifies the reference ID of the audit notification object to delete. (String, required)

Return value

The command returns a value of true if the system successfully deletes the audit notification object from the audit.xml configuration file.

Interactive mode example usage


deleteAuditNotificationMonitorByName

The deleteAuditNotificationMonitorByName command deletes the audit notification monitor the user specifies with the unique name.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-monitorName

Unique name of the audit notification monitor to delete. (String, required)

Return value

The command returns a value of true if the system successfully deletes the audit notification monitor from the configuration.

Interactive mode example usage


deleteAuditNotificationMonitorByRef

The deleteAuditNotificationMonitorByRef command deletes the audit notification monitor the user specifies with the reference ID.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-monitorRef

Specifies the reference ID of the audit notification monitor object to delete. (String, required)

Return value

The command returns a value of true if the system successfully deletes the audit notification monitor of interest.

Interactive mode example usage


getAuditNotification

The getAuditNotification command retrieves the attributes for an audit notification object of interest.

The user must have the monitor administrative role to run this command.

Target object

None.

Required parameters

-notificationRef

Specifies the reference ID of the audit notification object of interest. (String, required)

Return value

The command returns a list of attributes for the specific audit notification object, as the following sample output displays:

{{name mynotification}
{sslConfig {}}
{logToSystemOut true}
{_Websphere_Config_Data_Id cells/CHEYENNENode04Cell|audit.xml#WSNotification_1184690835390}
{emailList sweetshadow@us.ibm.com(smtp-server.us.ibm.com)}
{sendEmail true}
{_Websphere_Config_Data_Type WSNotification}
{properties {}}
{emailFormat HTML}}

Batch mode example usage

Interactive mode example usage


getAuditNotificationMonitor

The getAuditNotificationMonitor command retrieves the attributes the system associates with the audit notification monitor of interest.

The user must have the monitor administrative role to run this command.

Target object

None.

Required parameters

-monitorRef

Specifies the reference ID of the audit notification monitor of interest. (String, required)

Return value

The command returns a list of attributes for the audit notification monitor of interest, as the following sample output displays:

{{name mymonitor}
{enabled true}
{_Websphere_Config_Data_Id cells/Node04Cell|audit.xml#AuditNotificationMonitor_1184695615171}
{_Websphere_Config_Data_Type AuditNotificationMonitor}
{wsNotification mynotification(cells/Node04Cell|audit.xml#WSNotification_1184690835390)}}

Interactive mode example usage


getEmailList

The getEmailList command retrieves the email distribution list for the audit notification object. If the notification monitor is not configured, the audit notification object is not active and the command returns a null value.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns this email list for the active audit notification object, as the following sample output displays:

Interactive mode example usage


getSendEmail

The getSendEmail command displays whether or not the audit notification object sends an email if the audit subsystem fails. If the notification monitor is not configured, the audit notification object is not active and the command returns a null value.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns a value of true if the system is configured to send an email to the distribution list.

Interactive mode example usage


getAuditNotificationRef

The getAuditNotificationRef command retrieves the reference ID for the active audit notification object. If the notification monitor is not configured, the audit notification object is not active and the command returns a null value.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns the reference ID of the audit notification object if it is active, as the following sample output displays:

Interactive mode example usage


getAuditNotificationName

The getAuditNotificationName command retrieves the unique name for the active audit notification object. If the notification monitor is not configured, the audit notification object is not active and the command returns a null value.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns the unique name of the audit notification object, as the following sample output displays:

Interactive mode example usage


isSendEmailEnabled

The isSendEmailEnabled command determines if the system is configured to send an email if the security auditing subsystem fails.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns a value of true if email notification is enabled.

Interactive mode example usage


isAuditNotificationEnabled

The isAuditNotificationEnabled command determines whether the security auditing system notifications are enabled.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns a value of true if security auditing system notifications are enabled.

Interactive mode example usage


listAuditNotifications

The listAuditNotifications command retrieves the attributes for each audit notification object that is configured in the audit.xml file.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns a list of attributes for each configured audit notification object, as the following sample output displays:

{{name mynotification}
{sslConfig {}}
{logToSystemOut true}
{_Websphere_Config_Data_Id cells/CHEYENNENode04Cell|audit.xml#WSNotification_1184690835390}
{emailList sweetshadow@us.ibm.com(smtp-server.us.ibm.com)}
{sendEmail true}
{notificationRef WSNotification_1184690835390}
{_Websphere_Config_Data_Type WSNotification}
{properties {}}
{emailFormat HTML}}

Batch mode example usage

Interactive mode example usage


listAuditNotificationMonitors

The listAuditNotificationMonitors command lists the attributes for the audit notification monitor that is configured in the audit.xml file.

The user must have the monitor administrative role to run this command.

Target object

None.

Return value

The command returns a list of attributes for the audit notification monitor, as the following sample output displays:

{{name mymonitor}
{enabled true}
{_Websphere_Config_Data_Id cells/Node04Cell|audit.xml#AuditNotificationMonitor_1184695615171}
{_Websphere_Config_Data_Type AuditNotificationMonitor}
{monitorRef AuditNotificationMonitor_1184695615171}
{wsNotification mynotification(cells/Node04Cell|audit.xml#WSNotification_1184690835390)}
{notificationRef WSNotification_1184690835390}}

Interactive mode example usage


modifyAuditNotification

The modifyAuditNotification command edits the audit notification object in the audit.xml configuration file.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-notificationRef

Specifies the reference ID of the audit notification object to edit. (String, required)

Optional parameters

-logToSystemOut

Whether to log notifications to the SystemOut.log file. (Boolean, optional)

-sendEmail

Whether to email notifications. (Boolean, optional)

-emailList

Email address of distribution list where the system sends email notifications. (String, optional)

-emailFormat

Email format. Specify HTML for HTML format or TEXT for text format. (String, optional)

Return value

The command returns a value of true if the system successfully updates the security auditing system configuration.

Interactive mode example usage


modifyAuditNotificationMonitor

The modifyAuditNotificationMonitor command edits the audit notification monitor configuration for the security auditing system.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-monitorRef

Specifies the reference ID of the audit notification monitor of interest. (String, required)

Optional parameters

-notificationRef

Specifies the reference ID of the audit notification object. (String, optional)

-enable

Whether to enable the audit notification monitor. (Boolean, optional)

Return value

The command returns a value of true if the system successfully updates the audit notification monitor configuration.

Interactive mode example usage


setEmailList

The setEmailList command specifies the distribution list to send email notifications to if the security auditing subsystem fails.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-emailList

Email address or email distribution list to send audit notifications to. (String, required)

Return value

The command returns a value of true if the system successfully sets the email notification list for the notification object.

Interactive mode example usage


setSendEmail

The setSendEmail command enables or disables email notifications for the security auditing system.

The user must have the auditor administrative role to run this command.

Target object

None.

Required parameters

-enable

Whether to enable the system to send audit notifications by email. (Boolean, required)

Return value

The command returns a value of true if the system successfully modifies the configuration.

Interactive mode example usage


Reference:

AuditKeyStoreCommands command group for AdminTask
AuditEmitterCommands for AdminTask
AuditSigningCommands command group for AdminTask
AuditEncryptionCommands command group for AdminTask
AuditEventFactoryCommands for AdminTask
AuditFilterCommands command group for AdminTask
AuditPolicyCommands command group for AdminTask
AuditEventFormatterCommands command group for AdminTask


+

Search Tips   |   Advanced Search