Sun Identity Manager 8.1 Business Administrator's Guide

The JMX Publisher Type

The JMX audit log publisher publishes audit events so that a JMX (Java Management Extensions) client can monitor Identity Manager audit log activity.

What is JMX?

Java Management Extensions (JMX) is a Java technology that allows for managing and/or monitoring applications, system objects, devices, and service oriented networks. The managed/monitored entity is represented by objects called MBeans (for Managed Bean).

Identity Manager’s JMX Publisher Implementation

Identity Manager’s JMX audit log publisher monitors the audit log for events. When an event is detected, the JMX publisher wraps the audit event record with an MBean, and also updates a temporary history (which is kept in memory). For each event, a separate small notification is sent to the JMX client. If the event is of interest, the JMX client can query the MBean wrapping the audit event for additional information.

Note –

See the com.waveset.object.AuditEvent Javadoc for information about audit event records. The Javadoc is available in the REF kit, which is discussed in Developing Custom Audit Publishers.

To retrieve information from the correct MBean, a history sequence number is required. This number is included in the event notification.

Each event notification includes the following information:

ProcedureTo Configure the JMX Publisher Type

  1. To enable the JMX publisher type, follow the steps in To Enable Custom Audit Publishers and select JMX from the New Publisher drop-down menu.

  2. To configure the JMX publisher type, complete the Configure New Audit Publisher form. If you have questions about the form, refer to the i-Helps and online Help.

    • Publisher Name. Type a unique name for the JMX audit event publisher.

    • History Limit. Change the default value as needed to specify the number of event items that the publish should retain in memory. (Default is 100.)

  3. Click Test to verify that the Publisher Name is acceptable.

  4. Click OK. The Configure New Audit Publisher form closes.

  5. Important! Click Save.

Viewing Audit Events with a JMX Client

Use a JMX client to view the JMX publisher. JConsole, which is included in the JDK 1.5, was used to create the following screen captures.

If using JConsole, choose attach to process to view the IDM:type=AuditLog MBean. For information on configuring JConsole for use as a JMX client, see Viewing JMX Data in Sun Identity Manager 8.1 System Administrator’s Guide.

In JConsole, click the Notifications tab to view audit events. Note the sequence number in the notification. A sequence number is required when querying the MBean for additional information.

Figure 10–1 Viewing JMX Audit Event Notifications in JConsole

Figure illustrating how to view JMX Audit Event Notifications
in JConsole

Querying the MBean for Additional Information

In JConsole, click the Operations tab. Use the sequence number in the notification to query the MBean for event details. Each of the operations are prefixed with ’get’ and the only parameter is the ’sequence’ number.

Figure 10–2 Querying the MBean for Additional Information in JConsole

Figure illustrating how to query MBeans for information
about events

The MBean is virtually a one-to-one mapping to the com.waveset.object.AuditEvent class. Table 10–19 provides a description for each attribute/operation that the MBean provides.

Table 10–19 MBeanInfo Attribute/Operation Descriptions

Attribute / Operation 



The list of changed attributes 


AccountId associated with the event 


Action taken during the event 


The Auditable attributes 


Any error string 


The Audit interface 


The member object group references 


The object name 


The object type 


All the overflow attributes 


All the parameters 


The reason for the event 


Resource associated with the event 


Role associated with the event 


User or service associated with the event 


Name of the server from which the event fired 


Status of the audit event 


Date/Time of the audit event 

In JConsole, click the Attributes tab. Attributes are prefixed with Current to indicate that the attribute contains the most recent audit event sent to the system.

Figure 10–3 Viewing MBean Attributes in JConsole

Figure illustrating how to view MBean Attributes in JConsole