It's all about the answers!

Ask a question

Detailed user logs


Adrian Whitfield (122) | asked Nov 14 '14, 6:43 p.m.
Is there anyway to get some detailed user logs from user sessions across jazz tools. This need to be beyond just licenses consumed. I'm interested in user logs that can show what information users consumed, what time and date it occurred, geo info (maybe IP addresses). This is needed for export control/ITAR compliance. Thx, Adrian

Comments
Michael Alberda commented Oct 04 '17, 7:16 a.m. | edited Oct 04 '17, 2:21 p.m.

Hi,

Has there been any progress on this with later releases? We have the same requirements but are running WAS 8.5.5 with CLM v6.0.

Thanks,
Regards,
Michael.

One answer



permanent link
Kevin Ramer (4.5k6173191) | answered Nov 16 '14, 1:25 p.m.
Tomcat can produce access logs ( with the authenticated ID ).  See the Tomcat Valve documentation.  WebSphere can write access logs, but w/o an HTTP server in front the authenticated ID is not reported. If you are strictly interested in Source Access, the RTC admin can enable Source Code Access Audit logging. 

None of that is across environments, just within a single application.

Comments
Ralph Schoon commented Nov 17 '14, 3:48 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

Kevin, can you be more specific? How to switch it on and where the data goes? I am not aware of it and I couldn't find information on it.

Thanks!


1
Kevin Ramer commented Nov 17 '14, 8:04 a.m.

For Tomcat access logs edit $JAZZ_INST/server/tomcat/conf/server.xml to enable this Valve:

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="/rtclogs/rtcserver1/access_logs" pattern="common" prefix="rtp-rtc1_access_log." resolveHosts="false" suffix=".txt"/>

directory and prefix control where the logs go.  In WebSphere, Troubleshooting > Logging and Tracing [ server ] > NCSA access and HTTP Error

For the SCAA edit the appropriate log4j.properties for the CCM, look for an 'uncomment'
log4j.appender.scm_scaa=org.apache.log4j.DailyRollingFileAppender
log4j.appender.scm_scaa.layout=org.apache.log4j.PatternLayout
log4j.appender.scm_scaa.DatePattern='.'yyyy-MM-dd
log4j.appender.scm_scaa.layout.ConversionPattern=%d{ISO8601} %m %n
log4j.appender.scm_scaa.File=/scaalogs/rtp-rtc1-9443-jazz.log
log4j.appender.scm_scaa.MaxBackupIndex=2

log4j.appender.scm_scaa.MaxFileSize=7000KB


log4j.logger.scm_scaa=TRACE, scm_scaa
log4j.additivity.scm_scaa=false



Adrian Whitfield commented Nov 17 '14, 10:45 a.m.

Thanks for the responses. Could these logs provide detailed information on exactly what was accessed? I.e, User, John Smith viewed work item 3554 on November 11th 2014 @ 2.30pm on IP address <some IP address> ?


Kevin Ramer commented Nov 17 '14, 11:41 a.m. | edited Nov 17 '14, 11:42 a.m.

If the application server is Tomcat enough is there to answer all the questions.  WebSphere doesn't log the ID.  If memory serves, user ID is where the 2nd dash (-) is below.

WebSphere NCSA Access log example [ I viewed w/i 16389 ]:

IP_ADDRESS - - [13/Nov/2014:08:39:06 -0500] "GET /jazz/service/com.ibm.team.workitem.common.internal.rest.IWorkItemRestService/workItemDTO2?includeHistory=false&id=16389 HTTP/1.1" 200 -IP_ADDRESS - - [13/Nov/2014:09:22:54 -0500] "GET /jazz/service/com.ibm.team.workitem.common.internal.rest.IWorkItemRestService/workItemDTO2?includeHistory=false&id=16389 HTTP/1.1" 200 -IP_ADDRESS - - [14/Nov/2014:14:43:12 -0500] "GET /jazz/service/com.ibm.team.workitem.common.internal.rest.IWorkItemRestService/workItemDTO2?includeHistory=false&id=16389 HTTP/1.1" 200 -IP_ADDRESS - - [17/Nov/2014:10:24:41 -0500] "GET /jazz/service/com.ibm.team.workitem.common.internal.rest.IWorkItemRestService/workItemDTO2?includeHistory=false&id=16389 HTTP/1.1" 200 -




Your answer


Register or to post your answer.