The audit module logs authentication and authorization requests to the server log file. For information on changing the location of the log file, see Configuring General Logging Settings.
Authentication log entries include the following information:
Names of users who attempted to authenticate.
The realm that processed the access request.
The requested Web module URI or EJB component.
Success or failure of the request.
Regardless of whether audit logging is enabled, the Application Server logs all denied authentication events.
Authorization log entries include the following information:
Names of authenticated users, if any.
The requested Web URI or EJB component.
Success or failure of the requests.
In the Admin Console, go to Configuration > Security > Audit Modules. In the Audit modules page click New and enter the required values. Click OK.
To edit or delete an audit module, go to Configuration > Security > Audit Modules, and select an audit module. In the Edit Audit Module page, modify your settings and click Save.To delete, select the check box to the left of an audit module, and click Delete.
For detailed information on managing audit modules, click Help in the Admin Console.
Logging for audit modules is not turned on by default. To enable logging, in the Admin Console, go to Configuration > Security. Select the Audit Logging check box to enable logging. Deselect to disable logging.
For detailed information on enabling or disabling audit logging, click Help in the Admin Console.
To specify the audit module that the server uses, first enable audit logging as described in Enabling or Disabling Audit Logging.In the Audit Modules field, enter the name of the audit module to be used by the server.
The preconfigured audit module is called default. Make sure that this audit module has auditOn.
For details, click Help in the Admin Console.