JOC Cockpit - Audit Log

Introduction

The Audit Log provides information about the operations that users of the JobScheduler Web Service - including JOC Cockpit users and external applications - perform on job-related objects. The Audit Log lists the relevant JobScheduler objects - Jobs, Job Chains, Orders, etc. - and any operations that modify their status.The Audit Log is written by the JobScheduler Web Service as shown in the JOC Cockpit - Architecture page.

Audit Log

The Audit Log is maintained for objects such as Jobs, Job Chains, Orders, etc., whose statuses are modified by users carrying out operations such as starting, stopping or pausing.

• Any new entries will be added to this file, i.e. the file will not be overwritten.
• The Audit Log is visible to:
  • JOC Cockpit users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
    • The default authorization permissions for the Audit Log which are configured for the JOC Cockpit are listed in the Permissions Matrix shown in the Authentication and Authorization - Permissions for the JOC Cockpit Web Service article.  
  • administrators with access to the DBMS used by the JOC Cockpit and JobScheduler Master(s).
• It lies in the responsibility of the administrator to check compliance requirements such as the retention period for information contained in this file.
• Maintenance of an Audit Log requires the administrator to comply with applicable law and corporate governance.

Operation Comments

Users carrying out operations are able to comment each operation. These comments are then saved with the Audit Log and can be read by all other JOC Cockpit users with the necessary permissions. The 'Write a Comment' form is shown after each operation is initiated and can be seen in the following screenshot:
 
Two types of comment are possible:

• Predefined Comments which are selected from a drop-down list and
• Individual Comments as shown in the above screenshot

Mandatory Comments

A  force_comments_for_audit_log flag can be set in the in the joc.properties file as shown in the following code box:

### This flag controls if the comment is required or not.
force_comments_for_audit_log = false

The joc.properties file is located in the ./joc_home/jetty_base/resources/joc directory.

Either predefined or individual comments can be set when force_comments_for_audit_log = true is set. 

Predefined Comments

A predefined set of comments is delivered with the JOC Cockpit.

Predefined comments are found in the ./joc_home/jetty_base/resources/joc directory, in the joc.properties file. 

The JOC Cockpit is provided with a default set of predefined comments as listed in the following code box:

### Pre-defined comments
comments =  System maintenance; \
            Repeat execution; \
            Business requirement; \
            Restart failed execution; \
            Re-instantiate stopped object; \
            Temporary stop; \
            Change of JobScheduler object; \
            Rerun with parameter changes; \
            Change of external dependency; \
            Application deployment and upgrade

Predefined Comment Syntax

• The ";" near the end of each line marks the end of the comments. The use of a semicolon here as a delimiter allows commas to be used in comments.
• The "\" at the marks the end of a line.

Modifying Comments Settings

System administrators are free to modify predefined comments and the force_comments_for_audit_log flag to suit their own requirements.

The JOC Cockpit needs to be restarted before changes made to the joc.properties file will take effect.

Individual Comments

Individual Comments can be entered in the text field as shown in the screenshot above. 

The following characters are allowed:

• A-Z, a-z, 0-9, commas

Audit Log Location

The Audit Log is found in the ./joc_home/jetty_base/logs directory, in the JOCAuditLog.log file. If the file does not exist, it will be created with the first operation modifying the status of an object that is carried out by a user.

Audit Log Sample

The following sample shows a number of Web Service requests that have been performed by a user "ap":

2017-01-02 18:23:54,553 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:24:07,033 INFO  USER: ap - REQUEST: ./tasks/kill - PARAMS: {"job":"/sample/job2","taskIds":[]}
2017-01-02 18:24:25,899 INFO  USER: ap - REQUEST: ./tasks/kill - PARAMS: {"job":"/sample/job2","taskIds":[]}
2017-01-02 18:24:47,051 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:25:10,352 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"execution_per_30s","jobChain":"/sample/job_chain1"}
2017-01-02 18:26:11,271 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:26:19,150 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:26:32,933 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:27:36,719 INFO  USER: ap - REQUEST: ./jobs/stop - PARAMS: {"job":"/sample/job2"}
2017-01-02 18:29:41,394 INFO  USER: ap - REQUEST: ./jobs/unstop - PARAMS: {"job":"/sample/job2"}
2017-01-02 18:29:46,156 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"execution_per_30s","jobChain":"/sample/job_chain1"}
2017-01-02 18:30:51,713 INFO  USER: ap - REQUEST: ./orders/resume - PARAMS: {"orderId":"6","jobChain":"/sample/job_chain1"}
2017-01-02 18:31:22,838 INFO  USER: ap - REQUEST: ./orders/suspend - PARAMS: {"orderId":"daily_execution","jobChain":"/sample/job_chain1"}
2017-01-02 18:31:43,712 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:31:47,868 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}
2017-01-02 18:31:55,244 INFO  USER: ap - REQUEST: ./orders/add - PARAMS: {"jobChain":"/sample/job_chain1","at":"now"}

Audit Log Explanation

• The Audit Log includes the Web Service URL, which allows the object type and operation to be identified. For example, ./orders/resume translates to the operation to resume an order that is identified by its order ID and Job Chain path, as specified in the parameters part of each log entry.

Audit Log Housekeeping & Archiving

As already noted the JOC Cockpit adds to the Audit Log on an ongoing basis.

System administrators need to implement their own housekeeping / log rotation and archiving system according to their business and compliance requirements.