Create audit files of UI object changes

Introduction

Activator provides tools for generating audit logs of the changes that users perform on objects in the UI. This includes changes implemented when creating objects (using the add wizards) and when modifying objects (working in modification pages). The resulting logs show which user made changes, at what time and date the change was made, and provide details of the change.

Audit information is collected for changes to the following objects:

Parties (Partners and Communities)
Contacts
Routing IDs
Certificates
PGP Certificates
Delivery Exchanges
Attributes

Configuration file

The information that Activator audits is controlled by the audit_config.xml file located in <install_directory>/Interchange/conf.

Log files

By default, auditing is disabled on system startup, however the CSV audit file, <machine_name>_cn_audit.csv, file is created for each node in the directory <install_directory>/Interchange/logs. When you activate object change auditing, Activator generates the audit information to this file.

Additionally, by activating an option in the audit_config.xml file, you can generate audit logs to <machine_name>_cn_audit.xml. This XML formatted file provides raw trace data that you can use for additional fine tuning of information, which you can then convert to the CSV format. When activated, the XML version of this log file is also located in the <install_directory>/Interchange/logs directory.

To activate logging to the XML file, see Activate logging to XML file.

When both output types are enabled, the logger formats and outputs information both CSV and XML files. You must enable at least one of the output types to enable auditing.

Logged audit data

For each object type, audit log files collect the following information:

User – Account name of the user who implemented the change.
Timestamp – Time and date of the change.
Transaction ID – Unique ID used to group a set of auditing changes. When a user implements more than one change on a single object and then saves the changes (for example, modifies several fields in an object configuration page), the modifications are displayed in the audit log as several actions that share a single Transaction ID.
Object ID – Database ID of the object that has been changed.
Object Type – Type of object that was changed (Partner, Certificate, Attribute, ...).
Object Name – Display name of the object that was changed in the UI.
Action – Nature of the change (Added, Updated, Deleted, ...).
Related Object ID – Database ID of the object’s parent.
Related Object Type – Object type of changed object's parent.
Related Object Name – Display name of the changed object's parent.
Attribute Name – Database name (not UI display name) of object's changed attribute.
Old Value – Value of the attribute before the change.
New Value – Value of the object after the change. If the modified value is an element of a list, the entire list is recorded as the new value.

Activate object change auditing

To activate object-change auditing:

Go to <Interchange_install_directory>/conf.
Open audit_config.xml in a text editor.
Set the following attribute to "true" as in the following line:
<NodeType type="CN" enabled="true">
Save the file.
Restart Activator.

Activate logging to XML file

By default, when object change auditing is activated, Activator logs user change events to <install_directory>\logs\<machine_name>_cn_audit.csv. To additionally activate logging to <install_directory>\logs\<machine_name>_cn_audit.csv:

Go to <install_directory>/conf.
Open audit_config.xml in a text editor.
Remove the comment from the line:

Save the file.
Restart Activator.

Tune object change audit outputs

Axway recommends that the default settings only be modified by an administrator or with the aid of an Axway services resource. Changes made to the audit configuration can have an impact on the type of objects being logged, and can possibly cause the auditing process to not work properly.

To control the information that is generated to the output files, you can modify the attributes of the audit_config.xml file.

By default, the configuration is set to audit specific partner-related configuration changes made in the UI.

The audit_config.xml configuration file controls which objects are logged, based on the following class settings:

<IncludedClasses regex=".*ExchangePoint"/>

<IncludedClasses regex=".*PropertyFieldValue"/>

<IncludedClasses regex="com.cyclonecommerce.collaboration.*Party"/>

<IncludedClasses regex="com.cyclonecommerce.collaboration.messagingids.*MessagingId"/>

<ExcludedClasses regex="com.cyclonecommerce.cachet.administration.*"/>

<ExcludedClasses regex="com.cyclonecommerce.cachet.security.session.*"/>

<ExcludedClasses regex="com.cyclonecommerce.alerts.*"/>

<ExcludedClasses regex="com.cyclonecommerce.tradingengine.alerts.*"/>

<ExcludedClasses regex="com.cyclonecommerce.collaboration.alerts.*"/>

Removing any of the above settings affects the type of objects that are logged.

To log all objects, remove the comment markers from the following line:

Enabling the above setting, and commenting out the “Included/Excluded Classes” settings, results in the capture of all activity persisted in the database, and enables logging of activities in the default CSV log file.

Note

Only the partner-specific objects are formatted properly in the log file, based on configuration file settings. All other objects are logged without formatting, and in most cases will derive names from database naming instead of UI display naming.