I want to enable auditing via XDAS in wso2is.
Question
Is this possible?
Question
How can I enable xdas audit monitoring in admin console?
I can't find xdas feature in the installed features list.
Question
Why this feature not installed?
As per the official documentation,
XDAS was only done in IS in a PoC level, and there's no immediate plan to integrate it into the Identity Server product as yet. The general audit logs of IS can be found at $IS_ROOT/repository/logs/audit.log
Related
I am trying to configure logging in WSO2 management console referring to this
https://apim.docs.wso2.com/en/latest/Administer/ProductAdministration/Monitoring/Logging/setting-up-logging/. However I can't find the Logging option in the management console. Please find attached email. Do I need to make other change?
I am new to this product, so this might be configuration issue that I might have missed.
https://i.stack.imgur.com/htsiq.png
Configuring the logging via the carbon console in API Manager is removed from 3.0.0 onwards. (Documentation is in-progress. We will be soon removing the docs related to this.)
You can use the [APIM_HOME]/repository/conf/log4j2.properties file to configure logging and it is hot deployable.
I would like to enable the WSO2 Carbon 5.5 audit logs. I have followed these documents to get the audit.log enabled, but nothing appears to change.
https://docs.wso2.com/display/IS570/Working+with+Product+Observability
https://docs.wso2.com/display/IS550/Using+the+User+Management+Errors+Event+Listener
I am however not seeing any special errors in the wso2carbon.log, although my audit.log is completely empty.
I also tried requesting for Groups & Users https://localhost:9443/wso2/scim/Users
in the hope of something would get audited, but still no luck.
https://docs.wso2.com/display/IS570/Working+with+Product+Observability
The following note in the above doc.
In order to use this feature, apply the WUM update for WSO2 IS 5.5.0
released on 2018-11-28.
This feature is available as a WUM update only (for subscription users). Open source users have to switch to the latest version WSO2 IS 5.8.0 to use this.
https://docs.wso2.com/display/IS550/Using+the+User+Management+Errors+Event+Listener
This doc also says the following.
The UserManagementAuditLogger is responsible for adding audit logs
during the execution of successful user management scenarios, and the
UserMgtFailureAuditLogger handles the audit logs during the failure
scenarios. Follow the instructions below to enable the improved audit
logger introduced with the WUM update.
This available for open source usage from the 5.6.0 version.
I am using the Google Admin SDK APIs to manage users (create/update) in our organization's Google apps account. We allow users to optionally use the 2-factor authentication feature and I'd like to be able to determine if an account has it enabled or not when one of our internal support reps looks up their account. Looking over the docs at https://developers.google.com/admin-sdk/directory/v1/reference/users, I do not see any attributes that would indicate this setting.
Is there another way for me to check if it is enabled via an API?
Saw an answer from an old Stackoverflow post:
Find all Google Apps users not using two-factor authentication
You can actually find that information via Reports API of Admin SDK:
https://developers.google.com/admin-sdk/reports/v1/reference/usage-ref-appendix-a/users-accounts
Hope this helps!
currently I´m evaluating WSO2 Stratos LIVE as a public PaaS. I did much research but there are still some questions:
1.) Does WSO2 Stratos Live offer a "multi-tenancy-api" to make Java web applications multi-tenant-aware (something like the Google App Engine Namespace API)?
2.) Is the cartridge-based architecture available (like in WSO2 Stratos 2)?
3.) Are there official API documentations / code samples for all the cloud services? I just found blog posts and webinars. But an official api documentation and code samples would be very great (for example how to unse Identity Server for authentication in Java web applications).
4.) Based on WSO2 API Manager deployment on Stratos, I assume that the API manager is not available as cloud-service?
5.) Do I have hosting options on Stratos Live (e.g. Java Version, the country / Data Center where my app will be hosted)?
6.) Does exist a logs-api to access application logs from my application?
7.) Are there apis for data handling (for example Map Reduce, execution of cron jobs, CDN)?
8.) Do I have a local test environment? I know that there are IDE plugins for an easy deployment. But is it possible to test my app with all WSO2 Stratos Live cloud services local on my machine without connecting to the real services?
I know this is a lot but it would be more than helpful if the WSO2 professionals would help me to answer those questions. As I said, I did much research but those 8 questions are still open.
Thanks a lot and best regards
Ben
See the answers in-line.
1.) Does WSO2 Stratos Live offer a "multi-tenancy-api" to make Java web applications multi-tenant-aware (something like the Google App Engine Namespace API)?
Yes. Your web app can be multi-tenanted.
http://www.youtube.com/watch?v=_lEwm6VzAmo&noredirect=1
http://www.slideshare.net/afkham_azeez/building-a-multitenanted-cloudnative-appserver
2.) Is the cartridge-based architecture available (like in WSO2 Stratos 2)?
Not yet. But our plan is to make Stratos2.0 as the foundation of StratosLive. This will be done after the GA release of Stratos2.0 (it is now in beta stage)
3.) Are there official API documentations / code samples for all the cloud services? I just found blog posts and webinars. But an official api documentation and code samples would be very great (for example how to unse Identity Server for authentication in Java web applications).
All the documents and samples available for WSO2 products are valid for StratosLive. Reason is, we have deployed the very same product in the cloud. We are in the process of filling the documentation gap with regards to StratosLive at the moment.
4.) Based on WSO2 API Manager deployment on Stratos, I assume that the API manager is not available as cloud-service?
Not yet. It will be available in the future.
5.) Do I have hosting options on Stratos Live (e.g. Java Version, the country / Data Center where my app will be hosted)?
No. StratosLive uses shared instances to achieve multi-tenantcy (not like some other PaaSes which uses a JVM per tenant). Therefore, hosting options are not available.
6.) Does exist a logs-api to access application logs from my application?
Yes. We allow the tenants to view system logs and application logs. Unfortunately the API for log viewing is not documented yet.
http://sparkletechthoughts.blogspot.com/2012/09/how-distributed-logging-works-in-wso2.html
7.) Are there apis for data handling (for example Map Reduce, execution of cron jobs, CDN)?
Map reduce related tasks can be handled using toolboxes which can be deployed in WSO2 BAM (monitor.stratoslive.wso2.com). Please check the WSO2 BAM2 documentation for more info.
8.) Do I have a local test environment? I know that there are IDE plugins for an easy deployment. But is it possible to test my app with all WSO2 Stratos Live cloud services local on my machine without connecting to the real services?
You can download and use the Stratos local setup which can be found at http://wso2.com/cloud/stratos
The WSO2 Identity Server features list XDAS, but I can't find any more information on how WSO2 uses it.
Is there any documentation available about how the WSO2 Identity Server uses XDAS?
Does the Identity Server have an XDAS service API that it can offer auditing services for use by other (external) applications?
WSO2 offer a Centralized Auditing & Monitoring solution. How can I set this up for myself?
We have done some work with XDAS in the WSO2 platform and the effort is on hold due to the less demand for XDAS.
You can find additional details from here : http://mail.wso2.org/mailarchive/architecture/2011-February/004868.html
I have checked out the whole WSO2 trunk and performed a find for files containing XDAS in their filename and a grep for files containing XDAS in their contents. Nothing was found.
My guess is that XDAS has not been implemented in the WSO2 platform.