Auditing

IBM WebSphere Portal ships an auditing function that allows users to log certain events and their originators into a separate log file. This file can then be used to track administrative activities. For each event the timestamp, an optional transaction ID, an optional project ID, the user performing the action, and individual event details are logged. If the user performing the action (for example Bob) is being impersonated by another user (for example Alice), the user is shown as [Bob[Alice]] in the log file.

We can use the auditing function on the following events:

• Create, modify and delete users and groups
• Assign and revoke roles to and from users
• Modify role blocks
• Modify resource ownership
• Create, modify and delete protected resources
• Externalize and internalize resources
• Install and uninstall Web modules
• Create and delete application roles
• Assign and revoke application roles to and from users
• Add and delete roles to application roles
• Initializing a database domain
• Creating, modifying and deleting portlet applications using IBM Lotus Component Designer.
• Start and end impersonating a user or impersonating a user without the appropriate permission

To activate and configure the auditing function, modify the auditing service settings in the Auditing Service using the steps provided in the Setting service configuration properties file.

Parent: Monitoring
Related:
Set service configuration properties