Secure > Enhance site security


Enable access logging

When enabled, the access logging feature logs either all incoming requests to the WebSphere Commerce Server or only the requests resulting in access violations. Examples of access violations are authentication failure or insufficient authority to execute a command. When enabled, access logging allows a WebSphere Commerce administrator to quickly identify security threats to the WebSphere Commerce system. When an authentication failure or authorization failure event occurs, the following information is logged to the access log file database tables, ACCLOGMAIN and ACCLOGSUB:


Procedure

  1. Open the Configuration Manager.

  2. Select WebSphere Commerce > node_name > Commerce > Instance List > instance > Components > AccessLoggingEventListener.

  3. In the General panel, activate the Enable Component check-box.

  4. Select the Advanced panel and enable Start.

  5. Click Apply.

  6. Close the Configuration Manager.

  7. Restart the WebSphere Commerce instance.

  8. To change the size of the log file, or to specify whether all requests are logged or not, manually edit the instance.xml file for the WCS instance located in the WebSphere Commerce instances subdirectory:

    1. Open the WebSphere Commerce configuration file for the instance in an editor.

    2. Locate the following node, which is located in the <LogSystem>/<activitylog> node:

      <accessLogging cacheSize="aa" logAllRequests="bbbbb" />
      

      Where:

      aa

      is an integer value specifying the maximum number of entries that will be logged to memory before entries are written to the database. Generally a higher number will result in improved performance with respect to access logging. The default value is 32.

      bbbbb

      is either true or false. A value of true means that all incoming requests are logged. A value of false means that only access violations are logged.

      To prevent excessive or unnecessary logging, a value of false is recommended. Use true only when you suspect authentication problems or security contravention at the site. The default value is false.

    3. When you have completed the updates, save the file.

    4. If you have edited the master instance.xml file in WC_INSTALL/instances/instance, run UpdateEAR.

    5. Restart the WCS instance.
    In the following example, the access logging keeps 3 entries in memory before logging entries to the database tables. In addition, it logs all incoming requests to the WebSphere Commerce Server:

    <accessLogging cacheSize="3" logAllRequests="true" />
    


+

Search Tips   |   Advanced Search