+1 for doing this and using XDAS and then adding analytics based on this to security analytics
Correlation like Prabath mentioned, we can do at DAS --Srinath On Tue, May 3, 2016 at 3:22 AM, Prabath Siriwardana <[email protected]> wrote: > I guess one more thing we miss in C4 logs is - how to correlate all the > logs related to a given message enters into the server.. > > Thanks & regards, > -Prabath > > On Thu, Apr 28, 2016 at 1:39 AM, Sameera Jayasoma <[email protected]> > wrote: > >> Hi All, >> >> Audit logs or Audit trails contain set of log entries which describe a >> sequence of actions which have occurred over a time period. From audit >> logs, it is possible to trace all the actions of a single user or all the >> actions or changes introduced to a certain module in the system etc. E.g. >> It captures all the actions of a single user from the point he logs in to >> the application. >> >> In previous versions of the Carbon platform, we only had a logger called >> AUDIT and a separate appender which appends audit logs to separate log >> file. >> >> The only drawback of this approach is that we don't have a proper way to >> capture contextual information. In each and every audit log, we need to >> capture logged in user details, IP address of client etc. In the previous >> approach developers have to log this information with each and every audit >> log attempt. This is suboptimal IMO, we need to implement a mechanism where >> developers gives only the log message and system should append all the >> other information to the log. I see few ways to implement this. >> >> 1) Write a custom appender which write audit logs to the file with >> contextual information. >> 2) Provide API to log audit logs. We can extract contextual information >> from the CarbonContext in both of these methods. >> >> Any thoughts. >> >> Thanks, >> Sameera. >> >> -- >> Sameera Jayasoma, >> Software Architect, >> >> WSO2, Inc. (http://wso2.com) >> email: [email protected] >> blog: http://blog.sameera.org >> twitter: https://twitter.com/sameerajayasoma >> flickr: http://www.flickr.com/photos/sameera-jayasoma/collections >> Mobile: 0094776364456 >> >> Lean . Enterprise . Middleware >> >> > > > -- > Thanks & Regards, > Prabath > > Twitter : @prabath > LinkedIn : http://www.linkedin.com/in/prabathsiriwardena > > Mobile : +1 650 625 7950 > > http://blog.facilelogin.com > http://blog.api-security.org > -- ============================ Blog: http://srinathsview.blogspot.com twitter:@srinath_perera Site: http://home.apache.org/~hemapani/ Photos: http://www.flickr.com/photos/hemapani/ Phone: 0772360902
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
