...
- The Audit Log is written automatically by the JobScheduler Web Services:
- Entries to the Audit log are made when an action that changes the state of a JobScheduler Object is initiated in the JOC Cockpit or other application accessing the JobScheduler Web Services.
- There is no mechanism for switching off the Audit Log.
- The Audit Log is written in two locations simultaneously:
- In the DBMS used by the JobScheduler Web Services:
- This instance is used by the JOC Cockpit to allow operators to view the Audit Log information.
- It is also used by the JOC Cockpit to generate a Microsoft Excel®-compatible export file for reporting purposes.
- In the Audit Log file:
- It is intended that this instance is archived and used as a compliance record. System Administrators can make a copy of this instance available to operating staff if the DBMS should not be available.
- The Audit Log file is named
JOCAuditLog.logand saved in- the
-
jetty_base/logsfolder on Linux systems and on Windows wherejetty_baseis the directory containing the Jetty web server configuration files as described in the JOC Cockpit - Installation article.
- In the DBMS used by the JobScheduler Web Services:
- All new entries will be added to the Audit Log - neither the log file not the DMBS records are overwritten.
- System administrators have to arrange an archiving and housekeeping system for the Audit Log file according to relevant compliance laws and corporate governance.
- It is the responsibility of system administrators to check compliance requirements such as the retention period for the information contained in the Audit Log file.
- The Audit Log is visible in the JOC Cockpit to:
- Users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
- The default authorization permissions for the Audit Log which are configured for the JOC Cockpit are listed in the Permissions Matrix shown in the Authentication and Authorization - Permissions for the JOC Cockpit Web Service article.
- System Administrators with access to the DBMS used by the JOC Cockpit or the file system where the Audit Log file is written.
- Users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
- The Audit Log is read-only for all JOC Cockpit users - only System Administrators that have access to both the file system and to the database can modify the log.
...
Predefined Reasons Syntax
- The ";" character near the end of each line marks the end of the comments. The semicolon here functions as a delimiter and allows commas to be used in reasons.
- The "\" at the marks character marks the end of a line.
Modifying Reasons Settings
...
The Audit Log file is found in the ./joc_home/jetty_base/logs directory, in the JOCAuditLog.log file. If the file does not exist, it will be created with the first action modifying the status of an object that is carried out by a user.
The location and name of the Audit Log file are specified in a log4j.properties file. See the Logging Configuration section of the JOC Cockpit - Logging article for more information.
Audit Log Sample
The following sample shows a number of Web Service requests that have been performed by two users, aa_ito and root, who logged in at 14:13:47 using in parallel to aa_ito using a different browser before aa_ito logged out :
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
2017-02-10 11:39:55,992 INFO REQUEST: ./orders/add - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","at":"now"}]} - COMMENT: Demo start for documentation
2017-02-10 11:43:05,831 INFO REQUEST: ./jobs/start - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","jobs":[{"job":"/standalone-jobs/test_sa_job1","at":"now"}]} - COMMENT: Demo start for documentation
2017-02-10 11:54:11,731 INFO REQUEST: ./jobs/start - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","jobs":[{"job":"/standalone-jobs/test_sa_job1","at":"now"}]} - COMMENT: null
2017-02-10 12:38:31,507 INFO REQUEST: ./login - USER: aa_ito - PARAMS: {} - COMMENT: it_operator
2017-02-10 12:48:39,857 INFO REQUEST: ./orders/start - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"orderId":"hello_world_order","jobChain":"/tutorials/hello_world_job_chain","at":"now"}]} - COMMENT: null
2017-02-10 13:34:57,995 INFO REQUEST: ./login - USER: aa_ito - PARAMS: {} - COMMENT:
2017-02-10 13:35:03,391 INFO REQUEST: ./login - USER: aa_ito - PARAMS: {} - COMMENT: it_operator
2017-02-10 13:35:49,186 INFO REQUEST: ./orders/start - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"orderId":"hello_world_order","jobChain":"/tutorials/hello_world_job_chain","at":"now"}]} - COMMENT: null
2017-02-10 13:36:13,905 INFO REQUEST: ./jobs/start - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","jobs":[{"job":"/standalone-jobs/test_sa_job1","at":"now"}]} - COMMENT: null
2017-02-10 13:53:50,184 INFO REQUEST: ./orders/add - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","state":"20","at":"now"}]} - COMMENT: Test Start from step 20
2017-02-10 13:56:05,459 INFO REQUEST: ./orders/add - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","at":"now"}]} - COMMENT: null
2017-02-10 14:02:30,467 INFO REQUEST: ./login - USER: aa_ito - PARAMS: {} - COMMENT: it_operator
2017-02-10 14:09:38,471 INFO REQUEST: ./orders/add - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","state":"20","at":"now"}]} - COMMENT: Repeat execution
2017-02-10 14:10:36,839 INFO REQUEST: ./orders/add - USER: aa_ito - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","state":"20","at":"now"}]} - COMMENT: Repeat execution
2017-02-10 14:13:47,553 INFO REQUEST: ./login - USER: root - PARAMS: {} - COMMENT: all
2017-02-10 14:14:48,351 INFO REQUEST: ./orders/add - USER: root - PARAMS: {"jobschedulerId":"jobscheduler_1.11","orders":[{"jobChain":"/tutorials/hello_world_job_chain","state":"20","at":"now"}]} - COMMENT: Repeat execution
|
Note that the COMMENT is used in the login REQUEST to show the Role a user has.
Audit Log Explanation
- The Audit Log includes the Web Service URL, which allows the object type and operation to be identified. For example, .
/orders/resumetranslates to the action of resuming an order that is identified by its order ID and Job Chain path, as specified in the PARAMS part of each log entry.
...