You can have administrative actions recorded for later review. With this record, you can audit administrative steps when required. Auditing provides a measure of accountability and answers the "who has done what and when" types of questions.
Auditing support is built into Oracle Enterprise Scheduler. To learn more about how auditing works generally, see the Application Security Guide.
You can configure auditing support by using WLST commands. For more information, see WebLogic Scripting Tool Command Reference.
For reference information about commands supported by Oracle Enterprise Scheduler, see Audit Reference for Oracle Enterprise Scheduler .
This section includes the following:
You can get the full list of auditable events from the WLST command line. After using the connect command to connect WLST to the server instance, use the listAuditEvents command to display the list of events. In the command, specify "ESS" as the component type to list supported event types for Oracle Enterprise Scheduler:
listAuditEvents(componentType="ESS")
This and other useful commands are described in WebLogic Scripting Tool Command Reference.
Table 6-10 includes a partial described list of event categories and the auditable events available in them. Be sure to use the listAuditEvents command for a full list.
Table 6-10 Oracle Enterprise Scheduler Audit Event Categories
| Category | Description |
|---|---|
|
Security Check |
Includes events related to security checks, including checking data security privileges, checking metadata permission, checking runtime permission, switching user context, and querying requests based on a data security check. |
|
Operations to Requests |
Includes request events related to requests, including executing, deleting, canceling, holding, locking, purging, releasing, replacing, submitting, and updating. |
|
Metadata Configuration |
Includes metadata events such as creating, deleting, and updating schedules, triggers, incompatibilities, exclusions, job definitions and job sets. |
|
Configuration Change |
Includes events such as adding, deleting, and updating ESS configuration properties. |
|
Administrative Operations to RequestProcessor |
Includes events such as enabling and disabling the request processor. |
|
Administrative Operations to RequestDispatcher |
Includes events such as starting and stopping the request dispatcher. |
You can use WLST to specify filter present level for audit event logging, and so specify which events are logged. You do this by setting the filter preset level to one of three levels: low, medium, or high.
You can set the filter preset level by using the following WLST command:
setAuditPolicy(componentType='ESS', filterPreset="Medium")
Table 6-11 describes the filter preset levels:
Table 6-11 FilterPreset Levels for Event Auditing
| Level | Description |
|---|---|
|
low |
The fewest and more important events are logged. These include the following:
|
|
medium |
A medium level for events between the fewest and most verbose settings. This includes all events from the following categories:
|
|
high |
The most verbose level, including all events from the following categories:
|
For more on the event categories, see Getting the List of Auditable Events.
Data generated by event auditing is stored either in a database or a file, depending on how auditing is configured.
For more on configuring auditing, see the Application Security Guide.
If data is being written to a file, the file's default location is the following:
DOMAIN_HOME/servers/SERVER_NAME/logs/auditlog