Configure
You can activate audit logging for several SuperSTAR components:
SuperADMIN
To activate audit logging for SuperADMIN:
- Open the SuperADMIN log configuration file (log4j-config.xml) in a text editor. If you installed to the default location, this file is located at C:\ProgramData\STR\SuperADMIN\server\config\log4j2.xml
Locate the following section:
XML<Logger name="au.com.str.superadmin.logging.audit" additivity="false" level="ALL"> <!-- uncomment this line to enable Audit Logging, also set the "File" setting in "AuditFile" above <AppenderRef ref="AUDIT"/> --> </Logger>Remove the comments:
XML<Logger name="au.com.str.superadmin.logging.audit" additivity="false" level="ALL"> <AppenderRef ref="AUDIT"/> </Logger>Check the following section, which defines the logging settings:
XML<File name="AuditFile" fileName="${sys:str.audit.file}" append="false"> <PatternLayout pattern="%m%n" charset="UTF-8"/> </File>You may wish to change the
fileNamesetting, which defines the location of the log file. By default, this is C:/AuditLogs/superadmin.log. If you want to change this, you can either simply replace${sys:str.audit.file}here in log4j2.xml with the new filename you want to use, or you can edit the value passed in to thestr.audit.filevariable in the server.bat file used to launch SuperADMIN (C:\ProgramData\STR\SuperADMIN\server\server.bat). Locate the following line and update the filename to your new chosen location:CODE"-Dstr.audit.file=C:/AuditLogs/superadmin.log" ^- Save your changes and restart the SuperADMIN server.
SuperSERVER
Activate Audit Logging
SuperSERVER audit logging is enabled by default by the settings in C:\ProgramData\STR\SuperSERVER SA\log4j.scsa.xml, and no changes are required.
By default, the SuperSERVER audit log file will be written to C:\ProgramData\STR\SuperSERVER SA\logs\scsa-structuredaudit.logs.txt. You can change the location of this file by editing the StructuredAudit appender settings in the SuperSERVER log4j.scsa.xml file.
Configure Tabulation Query Logged Details
From version 9.9.2 onwards, the SuperSERVER audit log contains a tabulation.query event for every tabulation. By default, this event contains details of fact tables and fields used in a query, but you can configure what is logged for this event using the SuperADMIN server command.
To check the configuration, use the following command (replace <id> with the ID of the server you want to check):
> server <id>The output contains the following details:
[ auditQueryLogFactTables : true ]
[ auditQueryLogFields : true ]
[ auditQueryLogValueSets : false ]
[ auditQueryLogValues : false ]In this example, the query event will contain details of fact tables and fields, but not value sets and values.
To change the settings, use the following commands:
server <id> config auditQueryLogFactTables {true|false}
server <id> config auditQueryLogFields {true|false}
server <id> config auditQueryLogValueSets {true|false}
server <id> config auditQueryLogValues {true|false}For example:
server localhost config auditQueryLogValueSets true
SuperWEB2
To activate audit logging for SuperWEB2:
- Open <tomcat_home>\webapps\webapi\WEB-INF\classes\log4j2.xml in a text editor.
Locate the following sections:
XML<!-- Audit Logging configuration --> <!-- <RollingFile name="AuditFile" fileName="C:/AuditLogs/superweb2.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile> -->XML<!-- Audit Logging configuration --> <!-- <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger> -->Remove the comments:
XML<!-- Audit Logging configuration --> <RollingFile name="AuditFile" fileName="C:/AuditLogs/superweb2.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile>XML<!-- Audit Logging configuration --> <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger>- Save your changes and restart SuperWEB2.
If you want to ensure that SuperWEB2 correctly logs end user IP addresses, rather than the gateway IP address, then you may also need to complete this additional configuration.
Job Queue Manager
To activate audit logging for Job Queue Manager:
- Open <tomcat_home>\webapps\queuedjobservice\WEB-INF\classes\log4j2.xml in a text editor.
Locate the following sections:
XML<!-- Audit Logging configuration --> <!-- <RollingFile name="AuditFile" fileName="C:/AuditLogs/jqm.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile> -->XML<!-- Audit Logging configuration --> <!-- <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger> -->Remove the comments:
XML<!-- Audit Logging configuration --> <RollingFile name="AuditFile" fileName="C:/AuditLogs/jqm.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile>XML<!-- Audit Logging configuration --> <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger>- Save your changes and restart the Tomcat instance running Job Queue Manager.
Open Data API
To activate audit logging for the Open Data API:
- Open <tomcat_home>\webapps\webapi#rest#v1\WEB-INF\classes\log4j2.xml in a text editor.
Locate the following sections:
XML<!-- Audit Logging configuration --> <!-- <RollingFile name="AuditFile" fileName="C:/AuditLogs/odapi.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-odapi.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile> -->XML<!-- Audit Logging configuration --> <!-- <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger> -->Remove the comments:
XML<!-- Audit Logging configuration --> <RollingFile name="AuditFile" fileName="C:/AuditLogs/odapi.log" filePattern="C:/AuditLogs/%d{yyyy-MM-dd}-odapi.log"> <PatternLayout pattern="%m%n" charset="UTF-8"/> <TimeBasedTriggeringPolicy/> </RollingFile>XML<!-- Audit Logging configuration --> <Logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false" level="INFO"> <AppenderRef ref="AuditFile"/> </Logger>- Save your changes and restart the Tomcat instance running the Open Data API.
Backup and Removal of Log Files
The audit logging service does not provide any mechanism for removing log files, so you will need to implement some process for periodically backing up and removing the files from the server, in order to ensure that there is still enough available disk space on your server.