Hi Tharindu,

Thanks for the response. I think we could define a new format, given that
it improves the search based on logs. I will go through provided docs.

Thanks.

Regards,
Megala

On Tue, Mar 13, 2018 at 5:19 PM, Tharindu Edirisinghe <tharin...@wso2.com>
wrote:

> Hi Megala,
>
> For improving the search friendliness, are you defining a new format for
> the audit log entry ?
>
> Currently we have following format.
>
> <Initiator> | <Action> | <Target> | <Data> | <Result>
>
> Eg: INFO {AUDIT_LOG}-  Initiator : admin@carbon.super | Action : Add User
> | Target : newuser | Data : { Roles : } | Result : Success
>
> In OWASP Top 10 list of vulnerabilities for 2017 [1], "Logging &
> Monitoring" is newly introduced due to it's importance.
>
> You can refer [2] for more information on this and accommodate the
> recommendations in your improvements.
>
> [1] https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf
> [2] https://www.owasp.org/index.php/Logging_Cheat_Sheet
>
> Regards,
> TharinduE
>
> On Tue, Mar 13, 2018 at 4:03 PM, Megala Uthayakumar <meg...@wso2.com>
> wrote:
>
>> Hi All,
>>
>> I am working on improving audit logs related with user management tasks.
>> Currently we have audit logs upto some extent, however it could be further
>> improved. So in this improvement I will focusing on following tasks
>>
>>    1. Modifying the current audit logs, so that they will give better
>>    information regarding the user management tasks done by a user.
>>    2. Focusing on search friendly logs, which the search based on a
>>    regex will return the relevant results expected by the server admin.
>>    3. Currently we have not implemented some methods
>>    from AbstractUserOperationEventListener in UserMgtAuditLogger[1], the
>>    event listener for logging audit logs related with user management. So 
>> will
>>    be focusing on implementing the other relevant methods to add the
>>    meaningful audit logs.
>>    4. Focusing on solving the issues that are reported already related
>>    with user-mgt related audit logs[2].
>>
>> I have created a user story doc for this improvement[3] . Appreciate your
>> comments and suggestions on this to further improve the audit logs related
>> with user management.
>>
>> [1] https://github.com/wso2/carbon-identity-framework/blob/
>> 5.11.x/components/user-mgt/org.wso2.carbon.user.mgt/src/
>> main/java/org/wso2/carbon/user/mgt/listeners/UserMgtAuditLogger.java
>> [2] https://github.com/wso2/product-is/issues?utf8=%E2%9C%93
>> &q=is%3Aissue+is%3Aopen+audit
>> [3] https://docs.google.com/document/d/1Ls0VuLsJaQtQAPgR3Nkw
>> trcbFUvVZuPW_gXA7bV5mmo/edit?usp=sharing
>>
>> Thanks.
>>
>> Regards,
>> Megala
>> --
>> Megala Uthayakumar
>>
>> Senior Software Engineer
>> Mobile : 0779967122
>>
>
>
>
> --
>
> Tharindu Edirisinghe
> Senior Software Engineer | WSO2 Inc
> Platform Security Team
> Blog : http://tharindue.blogspot.com
> mobile : +94 775181586 <+94%2077%20518%201586>
>



-- 
Megala Uthayakumar

Senior Software Engineer
Mobile : 0779967122
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to