search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
733 stars 713 forks source link

Audit logs should be handled properly #5037

Open nilasini opened 5 years ago

nilasini commented 5 years ago

Extracted from the issue [1]

WSO2 Identity Server is lacking important audit logs which we have to fix. Need to find out all the places where audit logs are needed and fix those places.

We are introducing a new format for the audit logs. In order to make these changes backward compatible a system property will be introduced.

This is the deployment.toml config to disable legacy audit logs. The default value for the disableLegacyAuditLogs is set to true once the new audit logs are added to every component.

[system.parameter]
disableLegacyAuditLogs=true

We don't support printing old/new audit logs. The user has to decide which logs to be printed and configure accordingly.

logpublishing module

[1] https://github.com/wso2/product-is/issues/4991

piraveena commented 1 year ago

We have done few improvements in the AuditLog model from this PR https://github.com/wso2/carbon-kernel/pull/3600/files. This has following API changes.

  1. Removed setters
  2. Removed EventCatalog class
  3. Moved to Builder pattern
  4. Type of recordedAt changed to String from Instant
  5. Type of data changed to String to Map, and the name changes to dataChange to data
  6. Name of logId changed to id
  7. Name of correlationId changed to requestId
  8. Removed initiatorName and targetName
  9. Removed clientComponent