I would like to enable the WSO2 Carbon 5.5 audit logs. I have followed these documents to get the audit.log enabled, but nothing appears to change.
https://docs.wso2.com/display/IS570/Working+with+Product+Observability
https://docs.wso2.com/display/IS550/Using+the+User+Management+Errors+Event+Listener
I am however not seeing any special errors in the wso2carbon.log, although my audit.log is completely empty.
I also tried requesting for Groups & Users https://localhost:9443/wso2/scim/Users
in the hope of something would get audited, but still no luck.
https://docs.wso2.com/display/IS570/Working+with+Product+Observability
The following note in the above doc.
In order to use this feature, apply the WUM update for WSO2 IS 5.5.0
released on 2018-11-28.
This feature is available as a WUM update only (for subscription users). Open source users have to switch to the latest version WSO2 IS 5.8.0 to use this.
https://docs.wso2.com/display/IS550/Using+the+User+Management+Errors+Event+Listener
This doc also says the following.
The UserManagementAuditLogger is responsible for adding audit logs
during the execution of successful user management scenarios, and the
UserMgtFailureAuditLogger handles the audit logs during the failure
scenarios. Follow the instructions below to enable the improved audit
logger introduced with the WUM update.
This available for open source usage from the 5.6.0 version.
Related
I am trying to utilise multitenancy feature in WSO2 by using github releases(https://github.com/wso2/product-is/releases/tag/v5.11.0). I just wanted to understand if there are any limitations for the same between enterprise version downloaded from wso2 site and github releases.
Thanks
WSO2 doesn't have an Enterprise Version of the product. Everybody uses the same base release and if you have a subscription you will be receiving product updates for bug fixes, improvements, security issues etc. Other than that there are no hidden features or limitations in the Opensource version.(Rarely some features are introduced as updates, in these cases you may not receive them) The subscription is for getting updates and getting support from WSO2.
You can read more about WSO2 subscription from here.
Adding to #YCR answer, yes, multi tenancy is supported in IS 5.11.0 and IS 6.0.0 and it was supported throughout IS 5.x series. Please see Tenant Management on WSO2 documentation.
Currently, We are using WSO2(v5.8) in our development environment. We have used all the soap request almost of WSO2 - tenant creation, service provider, user store, and claim as well. All the soap requests are working fine. But in case of Claim : the problem is , it created successfully and updated successfully using soap request without any error. When we are going to see the new added claim on wso2 console then the newly added claims are not displaying under claims. After sometime the claims are available, which means we are able to see the newly added claim and we can use it with service provider also.
But most of the time is not displaying. I think the claims are not synced properly in case of multiple instances running of WSO2. Somebody help highly appreciated
Historically WSO2 Identity Server used distributed caching to utilize the above-mentioned advantages as well as to minimize the coherence problem. However, in newer deployment patterns where the network is not tightly controlled, distributed caching fails in unexpected ways. Hence, we no longer recommend using distributed caching. Instead, it is recommended to have local caches.
Refer to this document to get further information about deployment patterns.
In order to enable localcaches, Please check whether you have enabled this property in /repository/conf/carbon.xml file
<ForceLocalCache>true</ForceLocalCache>
For clustered nodes, enabling this property enables local cache invalidations.
[update]
There is a similar issue already reported regarding claims are not listed or not synced properly in a clustered environment when forcelocalcache is enabled. You can refer to the git issue here. This issue is fixed with Identity Server 5.9.0
I am trying to configure logging in WSO2 management console referring to this
https://apim.docs.wso2.com/en/latest/Administer/ProductAdministration/Monitoring/Logging/setting-up-logging/. However I can't find the Logging option in the management console. Please find attached email. Do I need to make other change?
I am new to this product, so this might be configuration issue that I might have missed.
https://i.stack.imgur.com/htsiq.png
Configuring the logging via the carbon console in API Manager is removed from 3.0.0 onwards. (Documentation is in-progress. We will be soon removing the docs related to this.)
You can use the [APIM_HOME]/repository/conf/log4j2.properties file to configure logging and it is hot deployable.
I want to enable auditing via XDAS in wso2is.
Question
Is this possible?
Question
How can I enable xdas audit monitoring in admin console?
I can't find xdas feature in the installed features list.
Question
Why this feature not installed?
As per the official documentation,
XDAS was only done in IS in a PoC level, and there's no immediate plan to integrate it into the Identity Server product as yet. The general audit logs of IS can be found at $IS_ROOT/repository/logs/audit.log
Is there a way to inactivate a user in WSO2 identity server 5.0.0?
Inactivating should mean that the user cannot login to other applications which are SSO integrated into the IS.
Removing roles/permissions seems not to do the trick.
WSO2 IS supports account lock feature to cater your requirement from IS 4.5.0 onwards. Please follow this document.
Account disable functionality is not yet implemented and we have already reported a jira to track it in future releases.