To use the default audit module

The default audit module logs authentication and authorization requests to the server log file. For information on changing the location of the log file, see To configure general logging settings.

Authentication log entries include the following information:

• Names of users who attempted to authenticate.

• The realm that processed the access request.

• The requested Web module URI or EJB component.

• Success or failure of the request.

Regardless of whether audit logging is enabled, the Application Server logs all denied authentication events.

Authorization log entries include the following information:

• Names of authenticated users, if any.

• The requested Web URI or EJB component.

• Success or failure of the requests.

1. In the Admin Console tree component, expand the Configurations node.

2. Select the instance to configure:

   • To configure a particular instance, expand the instance’s config node. For example, the default instance, server, expand the server-config node.

   • To configure the default settings for all instances, expand the default-config node.

3. Expand the Security node.

4. Expand the Audit Modules node.

5. Click the default node.

6. Set the value of the auditOn property to true.

7. Select Save to save the changes.

8. Restart the Application Server if Restart Required displays in the console.