JOC Cockpit - Audit Log

Introduction

The Audit Log provides information about the operations that users of the JobScheduler Web Service - including JOC Cockpit users and external applications - perform on job-related objects. The Audit Log lists the relevant JobScheduler objects - Jobs, Job Chains, Orders, etc. - and any operations that modify their status.The Audit Log is written by the JobScheduler Web Service as shown in the JOC Cockpit - Architecture page.

Audit Log

The Audit Log is maintained for objects such as Jobs, Job Chains, Orders, etc., whose statuses are modified by users carrying out operations such as starting, stopping or pausing.
Users of the JOC Cockpit with the necessary permissions can view the Audit Log in the JOC Cockpit by clicking the Audit Log link in the JOC Cockpit main menu as shown in the screenshot below:

Inclusion of the Audit Log view and in particular the Reasons field is intended to provide users of the JOC Cockpit with more relevant information about actions taken than is recorded in the History.

Any new entries will be added to the Audit Log file, i.e. the file will not be overwritten.
The Audit Log is visible JOC Cockpit to:
- Users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
  - The default authorization permissions for the Audit Log which are configured for the JOC Cockpit are listed in the Permissions Matrix shown in the Authentication and Authorization - Permissions for the JOC Cockpit Web Service article.
- Administrators with access to the DBMS used by the JOC Cockpit and JobScheduler Master(s) or the file system where the Audit Log file is written.
The Audit Log is read-only for all JOC Cockpit users - only the JobScheduler Web Services and System Administrators that have access to the file system can modify the log.
Entries to the Audit log can only be made when an operation that changes the state of a JobScheduler Object is initiated in the JOC Cockpit or other application accessing the JobScheduler Web Services
It lies in the responsibility of system administrators to check compliance requirements such as the retention period for information contained in this file.
Maintenance of an Audit Log requires system administrators to comply with applicable law and corporate governance.

Operation Reasons

Users carrying out operations are able to add an explanatory reason for each operation. These reasons are then saved with the Audit Log and can be read by all other JOC Cockpit users with the necessary permissions. The 'Enter a Reason' form is shown after each operation is initiated and can be seen in the following screenshot:

Reasons may be mandatory and two forms of reasons are possible:

Predefined Reasons which are selected from a drop-down list and
Individual Reasons as shown in the above screenshot.

Mandatory Reasons

The force_comments_for_audit_log flag can be set in the joc.properties file as shown in the following code box:

joc.properties - Force Comments

### This flag controls if the comment is required or not.
force_comments_for_audit_log = false

The joc.properties file is located in the ./joc_home/jetty_base/resources/joc directory.

Either predefined or individual reasons can be set when force_comments_for_audit_log = true is set.

Predefined Reasons

A predefined set of reasons is delivered with the JOC Cockpit.

Predefined reasons are found in the ./joc_home/jetty_base/resources/joc directory, in the joc.properties file.

The JOC Cockpit is provided with a default set of predefined reasons as listed in the following code box:

joc.properties - Predefined Comments

### Pre-defined comments
comments =  System maintenance; \
            Repeat execution; \
            Business requirement; \
            Restart failed execution; \
            Re-instantiate stopped object; \
            Temporary stop; \
            Change of JobScheduler object; \
            Rerun with parameter changes; \
            Change of external dependency; \
            Application deployment and upgrade

Predefined Reasons Syntax

The ";" near the end of each line marks the end of the comments. The use of a semicolon here as a delimiter allows commas to be used in reasons.
The "\" at the marks the end of a line.

Modifying Reasons Settings

System administrators are free to modify predefined reasons and the force_comments_for_audit_log flag to suit their own requirements.

The JOC Cockpit needs to be restarted before changes made to the joc.properties file will take effect.

Individual Reasons

Individual Reasons can be entered in the text field as shown in the screenshot above.

The following characters are allowed:

A-Z, a-z, 0-9, commas

Audit Log Location

The Audit Log is found in the ./joc_home/jetty_base/logs directory, in the JOCAuditLog.log file. If the file does not exist, it will be created with the first operation modifying the status of an object that is carried out by a user.

Audit Log Sample

The following sample shows a number of Web Service requests that have been performed by a user "ap":

Audit Log Sample

2017-01-02 18:23:54,553 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:24:07,033 INFO  USER: ap - REQUEST: ./tasks/kill - PARAMS: {"job":"/sample/job2","taskIds":[]}
2017-01-02 18:24:25,899 INFO  USER: ap - REQUEST: ./tasks/kill - PARAMS: {"job":"/sample/job2","taskIds":[]}
2017-01-02 18:24:47,051 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:25:10,352 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"execution_per_30s","jobChain":"/sample/job_chain1"}
2017-01-02 18:26:11,271 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:26:19,150 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:26:32,933 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:27:36,719 INFO  USER: ap - REQUEST: ./jobs/stop - PARAMS: {"job":"/sample/job2"}
2017-01-02 18:29:41,394 INFO  USER: ap - REQUEST: ./jobs/unstop - PARAMS: {"job":"/sample/job2"}
2017-01-02 18:29:46,156 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"execution_per_30s","jobChain":"/sample/job_chain1"}
2017-01-02 18:30:51,713 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:31:22,838 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"daily_execution","jobChain":"/sample/job_chain1"}
2017-01-02 18:31:43,712 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:31:47,868 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:31:55,244 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}

Audit Log Explanation

The Audit Log includes the Web Service URL, which allows the object type and operation to be identified. For example, ./orders/resume translates to the operation to resume an order that is identified by its order ID and Job Chain path, as specified in the parameters part of each log entry.

Audit Log Housekeeping & Archiving

As already noted the JOC Cockpit adds to the Audit Log on an ongoing basis.

System administrators need to implement their own housekeeping / log rotation and archiving system according to their business and compliance requirements.

Space shortcuts

Page tree