Oracle ATG Web Commerce includes a login auditing feature that records each attempt to log into its administration applications. The login auditing feature writes information about each attempt in a file on your Web application server’s file system. Use the audit log file to help detect unauthorized attempts to access your administration applications.

The login auditing feature records attempts to log into the following administration applications:

The login auditing feature saves audit log files in the Oracle ATG Web Commerce installation or ATG-Data directory. Each administration application records login attempts in the directory for its server. The file path of the audit log is:

<ATG11dir>/home/servers/server-name/logs/authentication_audit.log

Secure access to the audit log files on the server file system. Make sure that the log files are not deleted or altered by unauthorized users. If the log file is deleted, Oracle ATG Web Commerce will not create a new file until you restart the server.