Is there a way to show entire Audit Log associated to one service in the Service Detail layout instead of having to go search activities & figuring out changes?
Thanks.
As i know, It is not supported yet. You need to search in log file using the service name and found out them. Actually for analysis logs and audit, WSO2 may recommend the BAM server where you want to publish server's audit and log data
Related
I'm working on a project that needs to subscribe to the api's of multiple social media channels, for this reason we are using wso2 EI and for security protection I would like to intercept the message contents having attachements and fire an antivirus if possible to check the contents.
I have been searching over the web and the wso2 documentation but I have very few info regarding this.Kindly suggest if there is any alternative or if possible any configuration that can be done in the esb.
We have some security requirements from customer, so we need to configure/develop detailed audit logging which will log user actions done in Carbon Management console - i.e. datasource modification, service modification in WSO2 ESB.
Is there any way do this using included log4j?
We are using WSO2 Enterprise Service Bus 4.8.1 and WSO2 Application Server 5.2.1
WSO2 products has an audit log which can be found in the repository/logs folder. But the problem is, this audit log has very little audit information. Reason is as follows.
WSO2 products are built using a collection of reusable osgi componentns. For example, for data sources related operations we have one component and for proxy related operations we have another.
Now, the problem here is, these individual components has not put enough audit logs to cover the user operations. Therefore, your requirement seems to be difficult to achieve.
There are some extension points in WSO2 products where you can use to do your own tasks upon certain actions such as user login, user creation. For example, you can implement a certain interface and print whatever log you want upon a successful user login or a failed login attempt. But, those extension points are limited mostly to user management related operations.
All the HTTP communication done with the server is already logged in HTTP access logs in CARBON_HOME/repository/logs. You can use a log analyzer tool or even grep to capture any desired user action.
Ex: To get the log ins to datasources page use
cat http_access_2016-06-02.log | grep "GET /carbon/ndatasource/index.jsp"
How do we ensure tenant based logging in WSO2?
We do not want logs from different customers getting mingled. Essentially, what we are looking for is completely different directories for each tenant's logs.
I have read a fair bit of documentation for the same and there does not seem to be an out of the box solution.
Any tips is appreciated.
The logs are separate in memory, so you may login to the carbon console as a tenant admin and check Monitor -> System Logs to see the logs dedicated to that specific tenant.
However, there is no OOTB solution to dividing the text based logs by tenant.
I added in claim-config.xml but i dont see that claim being added in the IS management console.
<ClaimURI>http://wso2.org/claims/serialNumber</ClaimURI>
<DisplayName>serialNumber</DisplayName>
<AttributeID>url</AttributeID>
<Description>SerialNumber</Description>
<DisplayOrder>3</DisplayOrder>
<SupportedByDefault />
</Claim>
Also i dont want to add the claim mapping from management console. i want to automate this process so need a configuration change.
WSO2IS reads the claim-config.xml file and add those claims when you start the server first time. After you update the claim-config.xml, It does not read from it. When server is started first time, it reads the claim-config.xml file add add those in to the database (as there are no any claim configuration in the database). If claim mapping are dynamically changed and you do not like to configure them from UI, you can automate the web service API that is used to configure the claims. If claim mappings are not changed, them you can add all the configures in the claim-config.xml in the first start up.
You can use the ClaimManagementService admin service of WSO2 Identity Server to do CRUD operations on claims. You can get an idea of available methods by referring to the wsdl of ClaimManagementService. Please refer to this link for more information regarding calling admin services of WSO2 servers.
I'm new to WSO2 products and I was trying to set up the API statistics by configuring APIM with BAM as said in this documentation for publishing the stats https://docs.wso2.com/display/AM170/Publishing+API+Runtime+Statistics#PublishingAPIRuntimeStatistics-point3.
However every time I try to configure the statistics, start BAM, and re-start APIM I always get an error on the APIM console "Error occured while getting API's".
What does this mean?
Does it mean I have to configure first APIM and BAM before I can make an API and check it's statistics?
I don't get it why following the manual results into something like an error. Is there something wrong with my configuration?
here are few ways to debug whats going wrong. How API-M and BAM integration works is that
API -> publish stats to BAM
BAM stores the stats in Cassandra
BAM uses Hive scripts to analyse the data and write the results to a RDBMS mentioned in master-datasources.xml
I would recommend you to check the number 2. by checking if stats are published to BAM. You can do this by login into the management console of BAM and going to the Analytic section and adding the following script
select * from APIRequestData;
Execute this script and see if any data is returned. If no data is returned then data is not correctly published from API-M to BAM. If data is available here then there is an issue in reading the data from RDBMS to API-M.
I recommend you check the master-datasources.xml file which you edited during configuration. There may be an issue there, if the API Manager cannot connect to its' own database. The datasources given in step 2 of the guide you used are in addition to the existing datasources. If this isn't it, then please provide a stack dump or more detailed error messages. Cheers.