Auditing
To have a continuous, written record of the changes in nevisIDM, the security-relevant events are audited in a specific audit log file. The purpose of the audit file is to record who has done what and when.
The business logic processing the data changes first creates an entry in the persistent event queue. Later, this entry is consumed by a background audit job, which calls the audit module to process the entry.
The audit module supports multiple audit providers. Currently, there are two providers to choose from: the jsonAuditProvider (default) and the jcanLogAuditProvider:
- The jsonAuditProvider writes audit entries in JSON data format into the files specified by application.modules.auditing.file property in nevisidm-prod.properties.
- The jcanLogAuditProvider can be specified through the nevisIDM config log. The config log configures the logging.yml file. The relevant section is the AUDIT logger, the relevant category is the IDM.JcanLogAudit category.
Deprecated
The audit provider jcanLogAuditProvider is marked as deprecated. Use the jsonAuditProvider audit provider instead.