Console JSON Audit Log Publishers publish JSON-formatted audit log messages to the JVM's original standard output or standard error stream.
The Console JSON Audit Log Publisher component inherits from the JSON Formatted Audit Log Publisher.
The properties supported by this managed object are as follows:
General Configuration
Basic Properties: | Advanced Properties: |
---|---|
description | None |
enabled | |
logging-error-behavior | |
Log File Management
Basic Properties: | Advanced Properties: |
---|---|
write-multi-line-messages | None |
output-location | |
Log Messages To Include
Basic Properties: | Advanced Properties: |
---|---|
log-security-negotiation | None |
suppress-internal-operations | |
suppress-replication-operations | |
Filtering Criteria
Basic Properties: | Advanced Properties: |
---|---|
connection-criteria | None |
request-criteria | |
result-criteria | |
Log Message Elements To Include
Basic Properties: | Advanced Properties: |
---|---|
use-reversible-form | soft-delete-entry-audit-behavior |
obscure-attribute | include-operation-purpose-request-control |
exclude-attribute | include-intermediate-client-request-control |
include-product-name | include-thread-id |
include-instance-name | |
include-startup-id | |
include-requester-dn | |
include-requester-ip-address | |
include-request-controls | |
include-response-controls | |
include-replication-change-id | |
description
Property Group | General Configuration |
Description | A description for this Log Publisher |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
enabled
Property Group | General Configuration |
Description | Indicates whether the Console JSON Audit Log Publisher is enabled for use. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | The Console JSON Audit Log Publisher is primarily intended to be used for server instances that are run in no-detach mode (that is, instances that are started with the --nodetach argument). When the logger is used in a server that is not running in no-detach mode, it may have reduced performance and functionality. |
logging-error-behavior
Property Group | General Configuration |
Description | Specifies the behavior that the server should exhibit if an error occurs during logging processing. |
Default Value | standard-error |
Allowed Values | standard-error - Write a message to standard error in the event of a logging failure; lockdown-mode - Place the server in lockdown mode in the event of a logging failure. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
write-multi-line-messages
Property Group | Log File Management |
Description | Indicates whether the JSON objects should use a multi-line representation (with each object field and array value on its own line) that may be easier for administrators to read, but each message will be larger (because of additional spaces and end-of-line markers), and it may be more difficult to consume and parse through some text-oriented tools. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
output-location
Property Group | Log File Management |
Description | Specifies the output stream to which JSON-formatted audit log messages should be written. |
Default Value | standard-output |
Allowed Values | standard-output - Messages should be written to the JVM's original standard output stream; standard-error - Messages should be written to the JVM's original standard error stream. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
log-security-negotiation
Property Group | Log Messages To Include |
Description | Indicates whether to log information about the result of any security negotiation (e.g., SSL handshake) processing that has been performed. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
suppress-internal-operations
Property Group | Log Messages To Include |
Description | Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
suppress-replication-operations
Property Group | Log Messages To Include |
Description | Indicates whether access messages that are generated by replication operations should be suppressed. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
connection-criteria
Property Group | Filtering Criteria |
Description | Specifies a set of connection criteria that must match the associated client connection in order for a connect, disconnect, request, or result message to be logged. |
Default Value | None |
Allowed Values | The DN of any Connection Criteria. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
request-criteria
Property Group | Filtering Criteria |
Description | Specifies a set of request criteria that must match the associated operation request in order for a request or result to be logged by this Access Log Publisher. |
Default Value | None |
Allowed Values | The DN of any Request Criteria. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
result-criteria
Property Group | Filtering Criteria |
Description | Specifies a set of result criteria that must match the associated operation result in order for that result to be logged by this Access Log Publisher. |
Default Value | None |
Allowed Values | The DN of any Result Criteria. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
use-reversible-form
Property Group | Log Message Elements To Include |
Description | Indicates whether the audit log should be written in reversible form so that it is possible to revert the changes if desired. If this property is set true then the audit log is written in reversible form. For delete operations there will be comments with the contents of the entry. For modify operations the changes will only contain delete of the previous values and add of the new values (omitting those that didn't change). For modify DN operations there will be comments with the attribute additions or deletions, if any, caused by the RDN change. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
obscure-attribute
Property Group | Log Message Elements To Include |
Description | Specifies the names of any attribute types that should have their values obscured in the audit log because they may be considered sensitive. Note that values are not obscured from any DN. |
Default Value | None |
Allowed Values | The name or OID of an attribute type defined in the server schema. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
exclude-attribute
Property Group | Log Message Elements To Include |
Description | Specifies the names of any attribute types that should be excluded from the audit log. |
Default Value | ds-sync-hist |
Allowed Values | The name or OID of an attribute type defined in the server schema. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-product-name
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages should include the product name for the Directory Server. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-instance-name
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages should include the instance name for the Directory Server. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-startup-id
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages should include the startup ID for the Directory Server, which is a value assigned to the server instance at startup and may be used to identify when the server has been restarted. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-requester-dn
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages for operation requests should include the DN of the authenticated user for the client connection on which the operation was requested. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-requester-ip-address
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages for operation requests should include the IP address of the client that requested the operation. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-request-controls
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages for operation requests should include a list of the OIDs of any controls included in the request. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-response-controls
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages for operation results should include a list of the OIDs of any controls included in the result. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-replication-change-id
Property Group | Log Message Elements To Include |
Description | Indicates whether to log information about the replication change ID. The replication change ID uniquely identifies an update operation. When enabled on all replicas in the replication topology, it can be used to trace updates from the origin replica to all other replicas. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
soft-delete-entry-audit-behavior (Advanced Property)
Property Group | Log Message Elements To Include |
Description | Specifies the audit behavior for delete and modify operations on soft-deleted entries. This property pertains only to delete and modify operations on existing soft-deleted entries. Logging of soft delete operations and undelete operations are not affected by this property. Soft delete operations are logged like delete operations but with additional information in comments about the soft-deleted entry that was created. Undelete operations are logged like add operations but with additional information in comments about the soft-deleted entry that was undeleted. |
Default Value | included |
Allowed Values | included - Indicates that delete and modify operations of soft-deleted entries should be included in the log. The deletes of soft-deleted entries will include an "isSoftDeletedEntry" field with a Boolean value of true; excluded - Indicates that delete and modify operations of soft-deleted entries should be excluded from the log. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-operation-purpose-request-control (Advanced Property)
Property Group | Log Message Elements To Include |
Description | Indicates whether to include information about any operation purpose request control that may have been included in the request. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-intermediate-client-request-control (Advanced Property)
Property Group | Log Message Elements To Include |
Description | Indicates whether to include information about any intermediate client request control that may have been included in the request. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
include-thread-id (Advanced Property)
Property Group | Log Message Elements To Include |
Description | Indicates whether log messages should include the thread ID for the Directory Server in each log message. This ID can be used to correlate log messages from the same thread within a single log as well as generated by the same thread across different types of log files. More information about the thread with a specific ID can be obtained using the cn=JVM Stack Trace,cn=monitor entry. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured Log Publishers:
dsconfig list-log-publishers [--property {propertyName}] ...
To view the configuration for an existing Log Publisher:
dsconfig get-log-publisher-prop --publisher-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Log Publisher:
dsconfig set-log-publisher-prop --publisher-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new Console JSON Audit Log Publisher:
dsconfig create-log-publisher --publisher-name {name} --type {type} --set enabled:{propertyValue} [--set {propertyName}:{propertyValue}] ...
To delete an existing Log Publisher:
dsconfig delete-log-publisher --publisher-name {name}
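
The create and view syntax above, filled in as an added example (not taken from the product documentation): the function prints, without running them, dsconfig commands for a publisher that obscures password values, writes single-line JSON and keeps the requester DN and IP address. The `--type` value `console-json-audit`, the publisher name `console-audit`, and the choice of `userPassword` and `lockdown-mode` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints (does not execute) dsconfig commands for a
# Console JSON Audit Log Publisher. Review the output before running it.
PUBLISHER_TYPE="console-json-audit"   # assumed value for {type}

audit_publisher_cmds() {
    name=$1
    stream=${2:-standard-output}      # documented default for output-location

    # output-location accepts only the two values listed on this page.
    case $stream in
        standard-output|standard-error) ;;
        *) echo "invalid output-location: $stream" >&2; return 1 ;;
    esac
    # Refuse names that would need shell quoting in the printed commands.
    case $name in
        ''|*[!A-Za-z0-9_-]*) echo "invalid publisher name" >&2; return 1 ;;
    esac

    # lockdown-mode (an assumed policy choice) puts the server in lockdown
    # mode on a logging failure instead of only reporting it on stderr.
    # userPassword is an assumed example of a sensitive attribute.
    cat <<EOF
dsconfig create-log-publisher --publisher-name $name --type $PUBLISHER_TYPE \\
  --set enabled:true \\
  --set output-location:$stream \\
  --set logging-error-behavior:lockdown-mode \\
  --set write-multi-line-messages:false \\
  --set obscure-attribute:userPassword \\
  --set include-requester-dn:true \\
  --set include-requester-ip-address:true
dsconfig get-log-publisher-prop --publisher-name $name \\
  --property enabled --property output-location \\
  --property logging-error-behavior --property obscure-attribute
EOF
}

# Hypothetical publisher name; audit records go to the JVM's standard error.
audit_publisher_cmds console-audit standard-error
```

Because values are not obscured from any DN, an obscured attribute that is also used in an entry's RDN still appears in logged DNs.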