Auditing

IBM WebSphere Portal includes an auditing function that allows users to log certain events and their originators in to a separate log file. This file can then be used to track administrative activities.

The following details are logged for each event:

• The time stamp
• An optional transaction ID
• An optional project ID
• The user action
• Individual event details

If the user who does the action (for example, Bob) is impersonated by another user (for example, Alice), the user is shown as [Bob[Alice]] in the log file.

Use the auditing function on the following events:

• Create, modify, and delete users and groups
• Assign and revoke roles to and from users
• Modify role blocks
• Modify resource ownership
• Create, modify, and delete protected resources
• Externalize and internalize resources
• Install and uninstall web modules
• Create and delete application roles
• Assign and revoke application roles to and from users
• Add and delete roles to application roles
• Initializing a database domain
• Create, modify, and delete portlet applications using IBM Lotus Component Designer
• Start and ending impersonating a user or impersonating a user without the appropriate permission.

To activate and configure the auditing function, modify the auditing service settings in the Auditing Service by following the steps provided in the Setting service configuration properties file.

Parent Monitoring

Related tasks: Set service configuration properties