Details

      Description

      Hi Rich, Customers have been asking on how to disable the Audit Portlet and a CSE brought this up to us. Here's a summary below.

      Issue: Customers are still asking how to disable/enable the Audit Portlet. While the Audit portlet may be enabled by default, customers still want to know how they can disable/enable it on their own. Current documentation does not explain all of the steps needed and since there are many features that need to be enabled/disabled it may be beneficial to add these steps. 

      Resolution: Our CSE provided a working draft suggestion to include in the Official Documentation: Auditing Users. Is this something that would be possible? His draft is as follows:

      1. Log audit events in Liferay logs
      To enable logging audit events in the Liferay logs and console, go to Control Panel -> System Settings -> Foundation -> Logging Message Audit Message Processor

      To do this via OSGi configs, create a com.liferay.portal.security.audit.router.configuration.LoggingAuditMessageProcessorConfiguration.config with these sample options:

      enabled="true"
      logMessageFormat="CSV"
      #You have two options above, CSV or JSON
      outputToConsole="true"

      You'll need at least Fix Pack 12 (LPS-70580), otherwise you'll encounter this error: No log message formatter found for log message format JSON/CSV

      Whichever way you enable this, if you want to write audit events into the logs and not just the console, you'll need to extend Liferay's log4j-ext.xml

      Create a portal-log4j-ext.xml (in the WEB-INF/classes/META-INF directory) to route the audit messages to a log file. The class we want to capture is com.liferay.portal.security.audit.router.internal.LoggingAuditMessageProcessor. In the following example, we are getting log4j to record INFO level messages from this class to $liferay.home/logs under the audit.yyyy-MM-dd.log file name.

      portal-log4j-ext.xml
      <?xml version="1.0"?>
       <!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
      
      <log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
      
          <!-- additional audit logging -->
      
          <appender name="auditFile" class="org.apache.log4j.rolling.RollingFileAppender">
               <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
                   <param name="FileNamePattern" value="@liferay.home@/logs/audit.%d{yyyy-MM-dd}.log" />
               </rollingPolicy>
               <layout class="org.apache.log4j.EnhancedPatternLayout">
                   <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%t][%c{1}:%L] %m%n" />
               </layout>
           </appender>
      
          <category name="com.liferay.portal.security.audit.router.internal.LoggingAuditMessageProcessor">
               <priority value="INFO" />
               <appender-ref ref="auditFile"/>
           </category>
      </log4j:configuration>
      

      2. Enable/disable Audit entirely (enabled by default)
      To disable all auditing features entirely, go to Control Panel -> System Settings -> Foundation -> Audit

      To do this via OSGi configs, create a com.liferay.portal.security.audit.configuration.AuditConfiguration.config with these sample options:

      enabled="true"
      auditMessageMaxQueueSize="200"

      3. Log audit events for scheduler in database only:
      To log scheduled events, go to Control Panel -> System Settings -> Foundation -> Scheduler Engine Helper

      To do this via OSGi configs, create a com.liferay.portal.scheduler.configuration.SchedulerEngineHelperConfiguration.config with this set to true or false:
      auditSchedulerJobEnabled="true"

       

      Action Items: 

      • Add these steps (revised if needed) to Auditing Users Official Documentation. 

       

      Please let me know if you have any questions or anything you need clarifying on. Thank you!

        Attachments

          Activity

            People

            • Assignee:
              richard.sezov Rich Sezov
              Reporter:
              caleb.cho Caleb Cho (Inactive)
              Subject Matter Expert:
              KM Material
              Participants of an Issue:
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: