Auditing
To have a continuous, written record of the changes in nevisIDM, the security-relevant events are audited in a specific audit log file. The purpose of the audit file is to record who has done what and when.
The business logic processing the data changes first creates an entry in the persistent event queue. Later, this entry is consumed by a background audit job, which calls the audit module to process the entry.
The audit module supports multiple audit providers. Currently, there are two providers to choose from: the jsonAuditProvider (default) and the jcanLogAuditProvider:
- The jsonAuditProvider writes audit entries in JSON data format into the auditFile.
- The jcanLogAuditProvider can be specified through the nevisIDM config log. The config log configures the log4j.xml file. The relevant section is the AUDIT logger, the relevant category is the IDM.JcanLogAudit category.
Previously, it was also possible to use a third provider, the fileAuditProvider. However, the fileAuditProvider has been deprecated. Use the jcanLogAuditProvider instead, as it covers all the functionality of the fileAuditProvider. To migrate from the fileAuditProvider to the jcanLogAuditProvider, you have to provide a log4j.xml file with the desired log format.