Configure

You can activate audit logging for several SuperSTAR components:

SuperADMIN

To activate audit logging for SuperADMIN:

Open the SuperADMIN log configuration file (log4j-config.xml) in a text editor. If you installed to the default location, this file is located at C:\ProgramData\STR\SuperADMIN\server\config\log4j-config.xml

Locate the following section:

XML

<!-- uncomment this line to enable Audit Logging, also set the "File" setting in "AuditFile" above
        <appender-ref ref="AUDIT"/>
-->

Remove the comments:
XML
```
        <appender-ref ref="AUDIT"/>
```
Check the following section, which defines the logging settings:
XML
```
    <appender name="AuditFile" class="org.apache.log4j.FileAppender">
        <param name="File" value="C:/AuditLogs/superadmin.log"/>
        <param name="Append" value="false"/>
        <param name="Encoding" value="UTF-8"/>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>
```
You may wish to change the File setting. This defines the location of the log file. The directory (in this case C:/AuditLogs) will be created automatically if it does not already exist.

The configuration shown here (and included the configuration file) causes the log file to be cleared and recreated every time SuperADMIN is restarted. To avoid a loss of audit logging data, you may wish to change the configuration so that SuperADMIN continues to write to the same log file after a restart. To do this, change <param name="Append" value="false"/> to <param name="Append" value="true"/>
Be aware that, as this will cause the log file to continue to grow in size, you should periodically archive the contents of the file to avoid the size of the file from growing too large.

See https://logging.apache.org/log4j/extras/apidocs/org/apache/log4j/rolling/RollingFileAppender.html for help configuring the log4j settings.
Save your changes and restart the SuperADMIN server.

SuperSERVER

Activate Audit Logging

SuperSERVER audit logging is enabled by default by the settings in C:\ProgramData\STR\SuperSERVER SA\log4j.scsa.xml, and no changes are required.

By default, the SuperSERVER audit log file will be written to C:\ProgramData\STR\SuperSERVER SA\logs\scsa-structuredaudit.logs.txt. You can change the location of this file by editing the StructuredAudit appender settings in the SuperSERVER log4j.scsa.xml file.

Configure Tabulation Query Logged Details

From version 9.9.2 onwards, the SuperSERVER audit log contains a tabulation.query event for every tabulation. By default, this event contains details of fact tables and fields used in a query, but you can configure what is logged for this event using the SuperADMIN server command.

To check the configuration, use the following command (replace <id> with the ID of the server you want to check):

CODE

> server <id>

The output contains the following details:

CODE

    [ auditQueryLogFactTables  : true ]
    [ auditQueryLogFields      : true ]
    [ auditQueryLogValueSets   : false ]
    [ auditQueryLogValues      : false ]

In this example, the query event will contain details of fact tables and fields, but not value sets and values.

To change the settings, use the following commands:

CODE

server <id> config auditQueryLogFactTables {true|false}
server <id> config auditQueryLogFields {true|false}
server <id> config auditQueryLogValueSets {true|false}
server <id> config auditQueryLogValues {true|false}

For example:

CODE

server localhost config auditQueryLogValueSets true

You must restart SuperSERVER to apply any changes.

SuperWEB2

To activate audit logging for SuperWEB2:

Open <tomcat_home>\webapps\webapi\WEB-INF\classes\log4j.xml in a text editor.

Locate the following section:

XML

<!-- Audit Logging configuration
    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/superweb2.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>
 -->

Remove the comments:

XML

    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/superweb2.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>

Check the settings in the AuditFile section, and update them accordingly (see the SuperADMIN section above for more details).
Save your changes and restart SuperWEB2.

If you want to ensure that SuperWEB2 correctly logs end user IP addresses, rather than the gateway IP address, then you may also need to complete this additional configuration.

Job Queue Manager

To activate audit logging for Job Queue Manager:

Open <tomcat_home>\webapps\queuedjobservice\WEB-INF\classes\log4j.xml in a text editor.

Locate the following section:

XML

<!-- Audit Logging configuration
    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/jqm.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>
 -->

Remove the comments:

XML

    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/jqm.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>

Check the settings in the AuditFile section, and update them accordingly (see the SuperADMIN section above for more details).
Save your changes and restart the Tomcat instance running Job Queue Manager.

Open Data API

To activate audit logging for the Open Data API:

Open <tomcat_home>\webapps\webapi#rest#v1\WEB-INF\classes\log4j.xml in a text editor.

Locate the following section:

XML

<!-- Audit Logging configuration
    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/odapi.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-odapi.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>
 -->

Remove the comments:

XML

    <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
        <param name="File" value="C:/AuditLogs/odapi.log"/>
        <param name="Append" value="true"/>
        <param name="Encoding" value="UTF-8"/>
        <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
            <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-odapi.log"/>
        </rollingPolicy>
        <layout class="org.apache.log4j.PatternLayout">
            <param name="ConversionPattern" value="%m%n"/>
        </layout>
    </appender>

    <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
        <level value="INFO" />
        <appender-ref ref="AuditFile"/>
    </logger>

Check the settings in the AuditFile section, and update them accordingly (see the SuperADMIN section above for more details).
Save your changes and restart the Tomcat instance running the Open Data API.

Backup and Removal of Log Files

The audit logging service does not provide any mechanism for removing log files, so you will need to implement some process for periodically backing up and removing the files from the server, in order to ensure that there is still enough available disk space on your server.