WAS v8.5 > Reference > SetsSecurity Auditing detail
The Security auditing subsystem can be enabled and configured from this panel, by users assigned the auditor role.
To view this dmgr console page, click Security > Security Auditing. If Enable security auditing is not selected, then all of the other fields on this panel will be disabled.
Enable security auditing
The Enable security auditing check box allows users to enable or disable Security Auditing. By default, Security Auditing will not be enabled. This field corresponds with the auditEnabled field in the audit.xml file.
Audit subsystem failure action
The Audit subsystem failure action setting describes the behavior of the application server in the event of a failure in the auditing subsystem. Audit Notifications must be configured in order for notifications of a failure in the audit subsystem to be logged. If security auditing is not enabled, then these actions will not be performed. Failures can include an error in the interface or in the event processing. By default, the audit subsystem failure action setting is set to No warning.
The Audit subsystem failure action dropdown menu has the following options:
- No warning
The No warning action specifies the auditor will not be notified of a failure in the audit subsystem. WAS v8.5 will continue processing but audit reporting will be disabled.
- Log warning
The Log warning action specifies the auditor will be notified of a failure in the audit subsystem. WAS v8.5 will continue processing but audit reporting will be disabled.
- Terminate server
The Terminate server action specifies the application server to gracefully quiesce when an unrecoverable error occurs in the auditing subsystem. If email notifications are configured, the auditor will be sent a notification that an error has occurred. If logging to the system log is configured, the notification of the failure will be logged to the system file.
Primary auditor user name
The Primary auditor user name dropdown menu defines a valid user which exists in the current user registry and for whom the auditor role has been given. By default, this field is blank and is a required field.
Enable verbose auditing
The Enable verbose auditing option determines the amount of audit data that is reported in an audit record. Verbose mode captures all the auditable data points, whereas not enabling verbose mode captures only a subset of the available data. This option is disabled by default.
Reference:
Event type filters page
Audit service provider page
Audit event factory configuration page
Audit encryption keystores and certificates page
Audit record encryption configuration settings
Audit record signing configuration settings
Audit monitor page