Oracle® Adaptive Access Manager Installation and Configuration Guide Release 10g (10.1.4.5) Part Number E12050-03 |
|
|
View PDF |
Adaptive Risk Manager enables detailed logging through log4j logging mechanisms.
Log4j options that Adaptive Risk Manager uses are:
Appenders - Used to define where log output goes. Appenders can output to files, SMTP (email), JDBC (database), or even JMS. Multiple appenders of the same type can be defined.
Loggers - Used to define to which appenders output is logged. Loggers can have multiple appenders attached to them.
This logging system is configured by placing the log4j.xml file in the web application's WEB-INF/classes folder and by specifying the log output path for appenders and the level of logging.
For email alerts to work, third-party libraries must be copied into the WEB-INF/lib folder. The required files are
activation.jar, which can be downloaded from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp
mail.jar, which can be downloaded from http://java.sun.com/products/javamail/
Create directories for the log files.
Oracle recommends the directory/file permission should be (rw-,r---). Only the install owner and group should be allowed to read these files due to the sensitive nature of the information that could be contained within them.
There are various parameters that can be configured in log4j.xml based on application needs.
To edit log4j.xml parameters,
Locate the log4j.xml file under the oarm/WEB-INF/classes/ directory.
Update the log output path for each appender.
Search for <param name="File" value=" and change the file path for the logs appropriately.
Configure SMTP for emailing warnings and errors (optionally).
A list of commonly edited log4j.xml parameters is shown below. If you want your log files to be created in a non-default location, specify the path for the log file location. Refer to the highlighted text below.
<appender name="FILE" class="org.apache.log4j.DailyRollingFileAppender"> <param name="File" value="/home/logs/oarm_log.txt" /> <param name="DatePattern" value="'.'yyyy-MM-dd-HH" /> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %-5p[app=%log4j.webapp.name%] [%t] %c - %m\n" /> </layout> </appender>
Note:
Ensure that you have the log file location set correctly.Output in the logs can be configured for different levels--from detailed to specific data logging--based on the application requirements and space. The set of possible levels include INFO, WARN, ERROR and FATAL.
To change the level of logging, update the value in <level value >. Refer to the example below:
<logger name="com.bharosa"> <level value="INFO" /> </logger> <logger name="AlertEmail" additivity="false"> <appender-ref ref="ALERT_EMAIL" /> </logger>
Our alerts correspond to the following log4j levels:
FATAL - for high alerts
ERROR - for medium alerts
WARN - for low alerts
INFO - for details on the alerts
For "instant alert" fraud detection, we recommend setting up an SMTP appender for alerts only. Refer to the example shown below:
<appender name="ALERT_EMAIL" class="org.apache.log4j.net.SMTPAppender"> <param name="BufferSize" value="512" /> <param name="SMTPHost" value="localhost" /> <param name="From" value="vadmin" /> <param name="To" value="lenny@localhost" /> <param name="Subject" value="[app=fauio]Log4j:Bharosa" /> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="[%d{ISO8601}]%n%n%-5p%n%n%c%n%n%m%n%n" /> </layout> </appender>
In order to use this appender, add the logger to the log4j.xml file as shown below:
<logger name="AlertEmail" additivity="false"> <level value="fatal"/> <appender-ref ref="ALERT_EMAIL" /> </logger>
Output in the logs can be configured for different levels--from detailed to specific data logging--based on the application requirements and space. The set of possible levels include INFO, WARN, ERROR and FATAL.
Our alerts correspond to the following log4j levels:
FATAL - for high alerts
ERROR - for medium alerts
WARN - for low alerts
INFO - for details on the alerts