Uploaded image for project: 'PUBLIC - Liferay Documentation'
  1. PUBLIC - Liferay Documentation
  2. LRDOCS-3940

Improvement on Auditing Users Documentation



      Hi Rich, Customers have been asking on how to disable the Audit Portlet and a CSE brought this up to us. Here's a summary below.

      Issue: Customers are still asking how to disable/enable the Audit Portlet. While the Audit portlet may be enabled by default, customers still want to know how they can disable/enable it on their own. Current documentation does not explain all of the steps needed and since there are many features that need to be enabled/disabled it may be beneficial to add these steps. 

      Resolution: Our CSE provided a working draft suggestion to include in the Official Documentation: Auditing Users. Is this something that would be possible? His draft is as follows:

      1. Log audit events in Liferay logs
      To enable logging audit events in the Liferay logs and console, go to Control Panel -> System Settings -> Foundation -> Logging Message Audit Message Processor

      To do this via OSGi configs, create a com.liferay.portal.security.audit.router.configuration.LoggingAuditMessageProcessorConfiguration.config with these sample options:

      #You have two options above, CSV or JSON

      You'll need at least Fix Pack 12 (LPS-70580), otherwise you'll encounter this error: No log message formatter found for log message format JSON/CSV

      Whichever way you enable this, if you want to write audit events into the logs and not just the console, you'll need to extend Liferay's log4j-ext.xml

      Create a portal-log4j-ext.xml (in the WEB-INF/classes/META-INF directory) to route the audit messages to a log file. The class we want to capture is com.liferay.portal.security.audit.router.internal.LoggingAuditMessageProcessor. In the following example, we are getting log4j to record INFO level messages from this class to $liferay.home/logs under the audit.yyyy-MM-dd.log file name.

      <?xml version="1.0"?>
       <!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
      <log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
          <!-- additional audit logging -->
          <appender name="auditFile" class="org.apache.log4j.rolling.RollingFileAppender">
               <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                   <param name="FileNamePattern" value="@liferay.home@/logs/audit.%d{yyyy-MM-dd}.log" />
               <layout class="org.apache.log4j.EnhancedPatternLayout">
                   <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%t][%c{1}:%L] %m%n" />
          <category name="com.liferay.portal.security.audit.router.internal.LoggingAuditMessageProcessor">
               <priority value="INFO" />
               <appender-ref ref="auditFile"/>

      2. Enable/disable Audit entirely (enabled by default)
      To disable all auditing features entirely, go to Control Panel -> System Settings -> Foundation -> Audit

      To do this via OSGi configs, create a com.liferay.portal.security.audit.configuration.AuditConfiguration.config with these sample options:


      3. Log audit events for scheduler in database only:
      To log scheduled events, go to Control Panel -> System Settings -> Foundation -> Scheduler Engine Helper

      To do this via OSGi configs, create a com.liferay.portal.scheduler.configuration.SchedulerEngineHelperConfiguration.config with this set to true or false:


      Action Items: 

      • Add these steps (revised if needed) to Auditing Users Official Documentation. 


      Please let me know if you have any questions or anything you need clarifying on. Thank you!




            • Assignee:
              richard.sezov Rich Sezov
              caleb.cho Caleb Cho (Inactive)
              Subject Matter Expert:
              KM Material
              Participants of an Issue:
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created:

                Zendesk Support


                  Version Package