Skip navigation.

eDocs Home > BEA WebLogic Server 8.1 Documentation > Administration Console Online Help > WebLogic Auditing Provider-->General

Administration Console Online Help

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index

 

WebLogic Auditing Provider-->General

Tasks     Related Topics     Attributes

Overview

Use this page to configure a WebLogic Auditing provider for a security realm.

Note: The WebLogic Server Administration Console refers to the WebLogic Auditing provider as the Default Auditor.

Auditing is the process whereby information about operating requests and the outcome of those requests are collected, stored, and disturbed for the purposes of nonrepudiation. In other words, auditing provides an electronic trail of computer activity. In the WebLogic Server security architecture, an Auditing provider is used to provide auditing services.

If configured, the WebLogic Server Security Framework will call through to an Auditing provider before and after security operations (such as authentication or authorization) have been performed, enabling audit event recording. The decision to audit a particular event is made by the Auditing provider itself and can be based on specific audit criteria and/or severity levels. The records containing the audit information may be written to output repositories such as an LDAP back-end, database, and a simple file.

All auditing information recorded by the WebLogic Auditing provider is saved in WL_HOME\mydomain\myserver\DefaultAuditRecorder.log by default. Although, an Auditing provider is configured per security realm, each server writes auditing data to its own log file in the server directory. You can specify a new directory location for the DefaultAuditRecorder.log file on the command line with the following Java startup option:

-Dweblogic.security.audit.auditLogDir=c:\foo

The new file location will be c:\foo\myserver\DefaultAuditRecorder.log.

For more information, see "weblogic.Server Command-Line Reference."

You can use a custom Auditing provider instead of the WebLogic Auditing provider. For a custom Auditing provider to be available through the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Tasks

Configuring a WebLogic Auditing Provider

Related Topics

Introduction to WebLogic Security

Managing WebLogic Security

Securing WebLogic Resources

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a Production Environment

The Security topics in the WebLogic Server 8.1 Upgrade Guide

Security FAQ

The Security page in the WebLogic Server documentation

Attributes

Table 169-1

Attribute Label

Description

Value Constraints

Name

The name of this WebLogic Auditing provider.

MBean: weblogic.security.
providers.audit.
DefaultAuditorMBean

Attribute: Name


Description

A short description of this WebLogic Auditing provider.

MBean: weblogic.security.
providers.audit.
DefaultAuditorMBean

Attribute: Description

Default: "WebLogic Auditing Provider"

Version

The version of this WebLogic Auditing provider.

MBean: weblogic.security.
providers.audit.
DefaultAuditorMBean

Attribute: Version

Default: "1.0"

 

Skip navigation bar  Back to Top Previous Next