Hi ,
We have multiple tenant stores support , So we should log the tenant Id of
store where user perform actions.
i.e
{Time, SequenceId, UserId, tenantId of user, tenant Id of Store, Action,
Subject, optional(OldSubject), optional(NewSubject)}
Thanks
On Thu, Feb 25, 2016 at 4:09 PM, Sajith Ariyarathna <[email protected]>
wrote:
> Hi All,
>
> What we need to log as audit log is,
>> {Time, SequenceId, UserId, Action, Subject, optional(OldSubject),
>> optional(NewSubject)}
>>
> IMO username is not enough for a audit log; including both username &
> tenant ID is a better approach.
>
> Thanks.
>
> On Thu, Feb 25, 2016 at 12:22 PM, Ruwan Abeykoon <[email protected]> wrote:
>
>> Hi All,
>> What we need to log as audit log is,
>>
>> {Time, SequenceId, UserId, Action, Subject, optional(OldSubject),
>> optional(NewSubject)}
>>
>> This will allow one to do audit trace on the question "Who did what on
>> which?"
>>
>> We will not log all the detail on the OldSubject or NewSubject. This
>> needs to be turned on in log configuration.
>>
>> e.g. If the log level is TRACE, we log all the detail in the Subjects,
>> but if the log level is INFO, we do not log the details.
>>
>> Our Audit log format will be JSON compatible. i.e. "key"="value". so that
>> it can be easily processed by tools like GREP,SED, CUT, AWK.
>>
>> Cheers,
>> Ruwan
>>
>> On Thu, Feb 25, 2016 at 11:37 AM, Visitha Wijesinghe <[email protected]>
>> wrote:
>>
>>> Hi,
>>>
>>> While implementing an audit logging mechanism for the App Manager we had
>>> two suggestions of solutions.
>>>
>>> First one is a conventional way to apply logs where the action is
>>> actually happening. In this approach main advantage is if the code
>>> changes we do not need to worry about the logs and they are clear, but the
>>> disadvantage is, it is hard to implement. To implement this we have to run
>>> through all the relevant locations in the App Manager code to find
>>> state changing places and log. This would take more effort initially.
>>>
>>> The second suggestion is a cross cutting approach which is to look at
>>> the problem as an aspect, here we write logs in one place by looking at
>>> the url pattern and decide what to write. The main advantage of this
>>> approach is, it is easy to implement. But if any url pattern change in the
>>> future we have to change it in the audit logs also.
>>>
>>> There are pros and cons of both approaches. we decided to follow the
>>> first approach.
>>>
>>> any feedbacks?
>>>
>>>
>>>
>>> --
>>>
>>> *Visitha Wijesinghe*
>>> Software Engineer Intern.
>>> WSO2 Lanka (pvt) Ltd.
>>>
>>> Mobile - +94772617187
>>>
>>
>>
>>
>> --
>>
>> *Ruwan Abeykoon*
>> *Architect,*
>> *WSO2, Inc. http://wso2.com <http://wso2.com/> *
>> *lean.enterprise.middleware.*
>>
>> email: [email protected]
>>
>
>
>
> --
> Sajith Ariyarathna
> Software Engineer; WSO2, Inc.; http://wso2.com/
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
Jenananthan Yogendran
*Software Engineer,*
*WSO2 inc., http://wso2.com <http://wso2.com>*
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
