Hi Megala,
For improving the search friendliness, are you defining a new format for
the audit log entry ?
Currently we have following format.
<Initiator> | <Action> | <Target> | <Data> | <Result>
Eg: INFO {AUDIT_LOG}- Initiator : [email protected] | Action : Add User |
Target : newuser | Data : { Roles : } | Result : Success
In OWASP Top 10 list of vulnerabilities for 2017 [1], "Logging &
Monitoring" is newly introduced due to it's importance.
You can refer [2] for more information on this and accommodate the
recommendations in your improvements.
[1] https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf
[2] https://www.owasp.org/index.php/Logging_Cheat_Sheet
Regards,
TharinduE
On Tue, Mar 13, 2018 at 4:03 PM, Megala Uthayakumar <[email protected]> wrote:
> Hi All,
>
> I am working on improving audit logs related with user management tasks.
> Currently we have audit logs upto some extent, however it could be further
> improved. So in this improvement I will focusing on following tasks
>
> 1. Modifying the current audit logs, so that they will give better
> information regarding the user management tasks done by a user.
> 2. Focusing on search friendly logs, which the search based on a regex
> will return the relevant results expected by the server admin.
> 3. Currently we have not implemented some methods from
> AbstractUserOperationEventListener in UserMgtAuditLogger[1], the event
> listener for logging audit logs related with user management. So will be
> focusing on implementing the other relevant methods to add the meaningful
> audit logs.
> 4. Focusing on solving the issues that are reported already related
> with user-mgt related audit logs[2].
>
> I have created a user story doc for this improvement[3] . Appreciate your
> comments and suggestions on this to further improve the audit logs related
> with user management.
>
> [1] https://github.com/wso2/carbon-identity-framework/
> blob/5.11.x/components/user-mgt/org.wso2.carbon.user.mgt/
> src/main/java/org/wso2/carbon/user/mgt/listeners/UserMgtAuditLogger.java
> [2] https://github.com/wso2/product-is/issues?utf8=%E2%9C%
> 93&q=is%3Aissue+is%3Aopen+audit
> [3] https://docs.google.com/document/d/1Ls0VuLsJaQtQAPgR3NkwtrcbFUvVZ
> uPW_gXA7bV5mmo/edit?usp=sharing
>
> Thanks.
>
> Regards,
> Megala
> --
> Megala Uthayakumar
>
> Senior Software Engineer
> Mobile : 0779967122
>
--
Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : +94 775181586
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
