Configure

You can activate audit logging for several SuperSTAR components:

SuperADMIN

To activate audit logging for SuperADMIN:

  1. Open the SuperADMIN log configuration file (log4j-config.xml) in a text editor. If you installed to the default location, this file is located at C:\ProgramData\STR\SuperADMIN\server\config\log4j-config.xml
  2. Locate the following section:

    <!-- uncomment this line to enable AuditFile
            <appender-ref ref="AuditFile"/>
    -->
  3. Remove the comments:

            <appender-ref ref="AuditFile"/>
    
  4. Check the following section, which defines the logging settings:

        <appender name="AuditFile" class="org.apache.log4j.FileAppender">
            <param name="File" value="C:/AuditLogs/superadmin.log"/>
            <param name="Append" value="false"/>
            <param name="Encoding" value="UTF-8"/>
            <layout class="org.apache.log4j.PatternLayout">
                <param name="ConversionPattern" value="%m%n"/>
            </layout>
        </appender>

    You may wish to change the File setting. This defines the location of the log file. The directory (in this case C:/AuditLogs) will be created automatically if it does not already exist.

    See https://logging.apache.org/log4j/extras/apidocs/org/apache/log4j/rolling/RollingFileAppender.html for help configuring the log4j settings.

  5. Save your changes and restart the SuperADMIN server.

SuperSERVER

Activate Audit Logging

SuperSERVER audit logging is enabled by default by the settings in C:\ProgramData\STR\SuperSERVER SA\log4j.scsa.xml, and no changes are required.

Configure Tabulation Query Logged Details

From version 9.9.2 onwards, the SuperSERVER audit log contains a tabulation.query event for every tabulation. By default, this event contains details of fact tables and fields used in a query, but you can configure what is logged for this event using the SuperADMIN server command.

To check the configuration, use the following command (replace <id> with the ID of the server you want to check):

> server <id>

The output contains the following details:

    [ auditQueryLogFactTables  : true ]
    [ auditQueryLogFields      : true ]
    [ auditQueryLogValueSets   : false ]
    [ auditQueryLogValues      : false ]

In this example, the query event will contain details of fact tables and fields, but not value sets and values.

To change the settings, use the following commands:

server <id> config auditQueryLogFactTables {true|false}
server <id> config auditQueryLogFields {true|false}
server <id> config auditQueryLogValueSets {true|false}
server <id> config auditQueryLogValues {true|false}

For example:

server localhost config auditQueryLogValueSets true
You must restart SuperSERVER to apply any changes.

SuperWEB2

To activate audit logging for SuperWEB2:

  1. Open <tomcat_home>\webapps\webapi\WEB-INF\classes\log4j.xml in a text editor.
  2. Locate the following section:

    <!-- Audit Logging configuration
        <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
            <param name="File" value="C:/AuditLogs/superweb2.log"/>
            <param name="Append" value="true"/>
            <param name="Encoding" value="UTF-8"/>
            <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"/>
            </rollingPolicy>
            <layout class="org.apache.log4j.PatternLayout">
                <param name="ConversionPattern" value="%m%n"/>
            </layout>
        </appender>
    
        <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
            <level value="INFO" />
            <appender-ref ref="AuditFile"/>
        </logger>
     -->    
  3. Remove the comments:

        <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
            <param name="File" value="C:/AuditLogs/superweb2.log"/>
            <param name="Append" value="true"/>
            <param name="Encoding" value="UTF-8"/>
            <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-superweb2.log"/>
            </rollingPolicy>
            <layout class="org.apache.log4j.PatternLayout">
                <param name="ConversionPattern" value="%m%n"/>
            </layout>
        </appender>
    
        <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
            <level value="INFO" />
            <appender-ref ref="AuditFile"/>
        </logger>
  4. Check the settings in the AuditFile section, and update them accordingly (see the SuperADMIN section above for more details).
  5. Save your changes and restart SuperWEB2.

Job Queue Manager

To activate audit logging for Job Queue Manager:

  1. Open <tomcat_home>\webapps\queuedjobservice\WEB-INF\classes\log4j.xml in a text editor.
  2. Locate the following section:

    <!-- Audit Logging configuration
        <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
            <param name="File" value="C:/AuditLogs/jqm.log"/>
            <param name="Append" value="true"/>
            <param name="Encoding" value="UTF-8"/>
            <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"/>
            </rollingPolicy>
            <layout class="org.apache.log4j.PatternLayout">
                <param name="ConversionPattern" value="%m%n"/>
            </layout>
        </appender>
    
        <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
            <level value="INFO" />
            <appender-ref ref="AuditFile"/>
        </logger>
     -->
  3. Remove the comments:

        <appender name="AuditFile" class="org.apache.log4j.rolling.RollingFileAppender">
            <param name="File" value="C:/AuditLogs/jqm.log"/>
            <param name="Append" value="true"/>
            <param name="Encoding" value="UTF-8"/>
            <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                <param name="FileNamePattern" value="C:/AuditLogs/%d{yyyy-MM-dd}-jqm.log"/>
            </rollingPolicy>
            <layout class="org.apache.log4j.PatternLayout">
                <param name="ConversionPattern" value="%m%n"/>
            </layout>
        </appender>
    
        <logger name="au.com.str.webapi.services.common.audit.AuditLogger" additivity="false">
            <level value="INFO" />
            <appender-ref ref="AuditFile"/>
        </logger>
  4. Check the settings in the AuditFile section, and update them accordingly (see the SuperADMIN section above for more details).
  5. Save your changes and restart SuperWEB2.

Backup and Removal of Log Files

The audit logging service does not provide any mechanism for removing log files, so you will need to implement some process for periodically backing up and removing the files from the server, in order to ensure that there is still enough available disk space on your server.