Security Token Service provides an independent audit configuration file, named component_events.xml, that defines the specific event types and events to audit.
The following sections provide more details.
Regardless of the event or event type that is audited, some audit record content is common to all events.
The following data is part of each audit record:
Date and time of event
IP address of the client initiating event
Client identity
Processing time for the event
Security Token Service administrative events fall into several configuration management operations defined in component_events.xml.
Table 8-11 lists additional information.
Table 8-11 Security Token Service Configuration Management Operations
Security Token Service Configuration Operations | Description |
---|---|
Common Attributes | |
Create Validation Template | Audit event recorded for the creation of a Validation Template referenced by CreateValidationTemplate. Attributes: |
Update Validation Template | Audit event recorded for the update of a Validation Template referenced by UpdateValidationTemplate. Attributes: |
Delete Validation Template | Audit event recorded for the delete event of a Validation Template referenced by DeleteValidationTemplate. Attributes: |
Create Issuance Template | Audit event recorded for the creation of an Issuance Template referenced by CreateIssuanceTemplate. Attributes: |
Update Issuance Template | Audit event recorded for the update of an Issuance Template referenced by UpdateIssuanceTemplate. Attributes: |
Delete Issuance Template | Audit event recorded for the delete event of an Issuance Template referenced by DeleteIssuanceTemplate. Attributes: |
Create Partner Profile | Audit event recorded for the creation of Partner Profile referenced by CreatePartnerProfile. Attributes: |
Update Partner Profile | Audit event recorded for the update of a Partner Profile referenced by UpdatePartnerProfile. Attributes: |
Delete Partner Profile | Audit event recorded for the delete event of Partner Profile referenced by DeletePartnerProfile. Attributes: |
Create Partner | Audit event recorded for the creation of Partner Profile referenced by CreatePartner. Attributes: |
Update Partner | Audit event recorded for the update of a Partner Profile referenced by UpdatePartner. Attributes: |
Delete Partner | Audit event recorded for the delete event of Partner Profile referenced by DeletePartner. Attributes: |
Generic Admin Creation | Audit event recorded for the generic create administrative operation referenced by GenericAdminCreation. Attributes: |
Generic Admin Update | Audit event recorded for the update of a generic update administrative operation referenced by GenericAdminUpdate. Attributes: |
Generic Admin Removal | Audit event recorded for generic delete administrative operation referenced by GenericAdminDeletion. Attributes: |
Security Token Service-specific run-time events for token operations are defined in component_events.xml.
See details in Table 8-12.
Table 8-12 Security Token Service-specific Run-time Events
Token Operations | Description |
---|---|
Common Attributes | |
Incoming Message | Incoming RSTR message received by Security Token Service referenced by OutgoingMessage. Attributes populated for this event, if available: |
Outgoing Message | Outgoing RSTR message received by Security Token Service referenced by IncomingMessage. Attributes populated for this event, if available: |
Token Validation | Audit event for token validation in Security Token Service referenced by TokenValidation. The status attribute indicates whether or not the validation operation was successful. Attributes populated for this event, if available: |
Token Generation | Audit event for token generation in Security Token Service referenced by TokenGeneration. Attributes populated for this event, if available: |
LDAP User Authentication | Audit event for local user authentication with the LDAP Directory referenced by LDAPUserAuthentication. Attributes populated for this event, if available: |
Generic Runtime Operation | Audit event for a generic operation performed by Security Token Service referenced by GenericRuntimeOperation. Attributes populated for this event, if available: |