In an organization with more than one Administrator working on a typical Weblogic domain(s) there is a possibility of changes being made without one others knowledge [might not be at the same time] and might cause some issues. This post will demonstrate a step-by-step configuration on how to have an audit of all the configuration changes made.
####<Jun 21, 2011 4:04:21 PM MDT> <Info> <Configuration Audit> <NAND-W7> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1308693861841> <BEA-159907> <USER weblogic INVOKED ON Security:Name=myrealmDefaultAuthenticator METHOD getUserDescription PARAMS test>
To have an audit of all the configuration changes such as below the "Configuration Audit Type" of the domain should be set as appropriate. This feature can also audit any changes that were made and not activated but released in the audit log entries.
-- Addition/deletion of configuration items
-- Modification of a setting
-- Addition/deletion of a user, group, etc.
-- Password resets
-- And so on
-- Password resets
-- And so on
Enable configuration auditing
1. If you have not already done so, in the Change Center of the Administration Console, click "Lock & Edit"
2. In the left pane, click on the domain name.
3. In the right pane, Select Configuration > General tab and click on Advanced link at the bottom of General settings tab page.
4. Select one of below the appropriate Configuration Audit Type value. Default is none. In my case I am using Change Log and Audit.
-- None - do not audit configuration change events.
-- Change Log - Configuration events will be written to the server log.
-- Change Audit - Configuration events will be directed to the Security Framework and handled by the Auditing provider.
-- Change Log and Audit - Configuration events will written to the server log as well as directed to the Security Framework and handled by the Auditing provider.
5. Click Save and in the Change Center of the Administration Console, click "Activate Changes".
6. Restart all the Weblogic Server instances specified in the Restart-Checklist for changes to take effect.
Note: All the Configuration Changes audits are saved in Admin Server log. So before you restart the Admin Server make sure you keep a copy of the Admin Server log.
Testing the Configuration Auditing
Below are some of the configuration change audits when i created a 'test' user and assigned the user to Administrators group.
####<Jun 21, 2011 4:04:21 PM MDT> <Info> <Configuration Audit> <NAND-W7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1308693861750> <BEA-159907> <USER weblogic INVOKED ON Security:Name=myrealmDefaultAuthenticator METHOD createUser PARAMS test; ****; Test User>
####<Jun 21, 2011 4:04:21 PM MDT> <Info> <Configuration Audit> <NAND-W7> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1308693861841> <BEA-159907> <USER weblogic INVOKED ON Security:Name=myrealmDefaultAuthenticator METHOD getUserDescription PARAMS test>
####<Jun 21, 2011 4:07:05 PM MDT> <Info> <Configuration Audit> <NAND-W7> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1308694025758> <BEA-159907> <USER weblogic INVOKED ON Security:Name=myrealmDefaultAuthenticator METHOD addMemberToGroup PARAMS Administrators; test>
2 comments:
What's up to all, how is all, I think every one is getting more from this web page, and your views are good in support of new users.
my web-site; http://www.zimbio.com/News/articles/ouDUk3Kss0E/Pilates+guide
If you want to eat the best products in Spain visit www.alicantedelicatessen.com and enjoy it!
Post a Comment