Administrative Activity Audit Logging

By: Kee Wee Wong Account Admin 27 Nov 2019 at 2:14 a.m. CST

5 Responses
Kee Wee Wong gravatar
Hi Support, Are Administrative Activities (ie configuration actions in oxtrust) logged in Gluu Server? We have a requirement to capture admin activities and generate reports and would like to know the info is captured and stored by Gluu Server.
Gluu 4.0 Rhel 7.0
closed

Answers

By Mohib Zico Account Admin 27 Nov 2019 at 2:16 a.m. CST

Copy
Mohib Zico gravatar
Hello Kee Wee, Yes, they are. Check out `oxtrust_audit` log inside `/opt/gluu/jetty/identity/logs`

By Kee Wee Wong Account Admin 27 Nov 2019 at 2:44 a.m. CST

Copy
Kee Wee Wong gravatar
Hi Mohib, Thank you for the prompt response! It seems like not all activities are captured in the log, so far I'm only seeing the following captured: 1. Modifications to users 2. Modifications to OpenID Connect Clients However, most of the configurations don't seem to be captured, some of the configurations I've tried so far are not logged: 1. Organization Configuration 2. JSON Configuration 3. Default Authentication Method 4. Enabled/Disable Person Authentication Script

By Mohib Zico Account Admin 27 Nov 2019 at 2:56 a.m. CST

Copy
Mohib Zico gravatar
Yes, it's just basic. I think we can enhance this feature. Can you please open an enhancement feature ticket [here](https://github.com/GluuFederation/oxTrust/issues) ?

By Michael Schwartz Account Admin 27 Nov 2019 at 11:20 a.m. CST

Copy
Michael Schwartz gravatar
I created an issue for it: https://github.com/GluuFederation/oxTrust/issues/1881 I like the way Gluu Gateway handles admin... it not only audits, it makes the user put in a comment.

By Kee Wee Wong Account Admin 02 Dec 2019 at 2:23 a.m. CST

Copy
Kee Wee Wong gravatar
Hi @Michael.Schwartz, Thanks for the assistance!

Post an answer