How to Audit User Management Operations in AEM

Solution

AEM has introduced the ability to log permission changes so they can be audited at a later time.
The enhancement allows for the auditing CRUD (Create, Read, Update, Delete) actions on permissions and group assignments of users. More specifically, it will log:
  • A new user getting created
  • A user being added to a group
  • Permission changes of an existing user or group
By default, the entries will be written to the error.log file. To make monitoring easier, it is recommended that they be redirected to a separate log file. More info on how to do this in the paragraph below.

Redirecting the output to a separate log file

In order to redirect the logging output to a separate log file, you'll need to create a new Apache Sling Logging Loggerconfiguration. We'll use useraudit.log as the name of the separate file in the example below.
  1. 1. Go to the Web Console by browsing to http://serveraddress:serverport/system/console/configMgr
  2. 2. Search for Apache Sling Logging Logger. Then, press the "+" in the right hand side of the entry to create a new factory configuration.
  3. 3. Create the following configuration:
    • Log Level: Information
    • Log File: logs/useraudit.log
    • Message Pattern: leavel default
    • Logger: com.adobe.granite.security.user.internal.audit, com.adobe.granite.security.user.internal.servlets.AuthorizableServlet
    4. In order to enter both loggers into the Logger field, you need to enter the name of the first, then create another field by pressing the "+" button and entering the name of the second logger.

  4. Sample out of useraudit.log file:
  5. 1. 19.05.2017 15:21:34.419 *INFO* [0:0:0:0:0:0:0:1 [1495196494417]
  6. POST /home/groups/d/dGf7f7vGrZRLs6HS3AK-.rw.html HTTP/1.1]
  7. com.adobe.granite.security.user.internal.audit.AuditAuthorizableAction Group 'group1' was removed
  8. 2. 19.05.2017 15:21:34.419 *INFO* [0:0:0:0:0:0:0:1 [1495196494417]
  9. POST /home/groups/d/dGf7f7vGrZRLs6HS3AK-.rw.html HTTP/1.1]
  10. com.adobe.granite.security.user.internal.servlets.AuthorizableServlet Delete Group 'group1' operation initiated by User 'admin' (administrator)

10 comments:

  1. Wow, superb weblog format! How lengthy have you been running a blog
    for? you made blogging glance easy. The whole look of your website is fantastic, as smartly as the
    content material!

    ReplyDelete
  2. Your means of describing the whole thing in this piece of writing is in fact fastidious, all be capable of effortlessly be aware of
    it, Thanks a lot.

    ReplyDelete
  3. Admiring the persistence you put into your blog and detailed
    information you provide. It's great to come across a blog every once in a while that isn't the same old rehashed material.

    Wonderful read! I've bookmarked your site and I'm adding your RSS feeds to my Google account.

    ReplyDelete
  4. Truly when someone doesn't be aware of after that its up to other viewers that they will help, so
    here it takes place.

    ReplyDelete
  5. I know this if off topic but I'm looking into starting my
    own blog and was curious what all is needed to get set up?
    I'm assuming having a blog like yours would cost a pretty penny?
    I'm not very internet savvy so I'm not 100% sure. Any suggestions
    or advice would be greatly appreciated. Appreciate it

    ReplyDelete
  6. I'm really impressed with your writing skills as well as with the
    layout on your blog. Is this a paid theme or did you customize it yourself?
    Either way keep up the nice quality writing, it's rare to see a nice blog like this
    one nowadays.

    ReplyDelete
  7. Article writing is also a fun, if you be familiar with after that
    you can write otherwise it is complex to write.

    ReplyDelete
  8. Good day! Do you know if they make any plugins to safeguard against hackers?
    I'm kinda paranoid about losing everything I've worked
    hard on. Any suggestions?

    ReplyDelete
  9. My spouse and I stumbled over here different web page and thought I might check
    things out. I like what I see so now i am following you.
    Look forward to exploring your web page repeatedly.

    ReplyDelete
  10. I have to voice my passion for your kindness giving support to those people that should have guidance on this important matter.payroll process and management in dubai

    ReplyDelete