Customizing the audit log
If you customized WebSphere Commerce to collect more personal information, you can extend the AuditLogging helper to record details in the audit log about the actions that are completed against your additional collected data.
About this task
When the AuditLogging helper is enabled, audit log information is made available in the WC_profiledir/logs/server_name/trace.log file. Both REST resources and commands are tracked.
You can use the audit logging API to adjust the behavior of the AuditLogging
helper. The following access methods and resources are available.
| Access method | Resource or service name |
|---|---|
| REST resource handlers |
|
| Administrative and WebSphere Commerce Accelerator commands |
|
Procedure
Create your own REST request handler. For more
information, see Creating and customizing REST services.
The audit logging API provides the following request handler.
com.ibm.commerce.businessaudit.util.AuditLoggingHelper
public void logPersonalDataAccess(String className, String methodName,
String remoteAddress, String userId, String action, String forUserId, String data)- className
- The name of the class that is being used to access personal data.
- methodName
- The name of the method that is being used to access personal data.
- remoteAddress
- The remote address of the host that is accessing personal data.
- userId
- The unique id of the user who access personal data.
- action
- The action applied to the personal data. Accepted values are:
- AuditLoggingHelper.ACTION_READ
- AuditLoggingHelper.ACTION_CREATE
- AuditLoggingHelper.ACTION_UPDDATE
- AuditLoggingHelper.ACTION_DELETE
- forUserid
- The unique ID of the user whose personal data is being accessed.
- data
- The type of personal data being accessed, for example:
- AuditLoggingHelper.PERSONAL_DATA
- AuditLoggingHelper.PERSONAL_DATA_CONTACT
- AuditLoggingHelper.PERSONAL_DATA_WISH_LIST
- AuditLoggingHelper.PERSONAL_DATA_ORDER_HISTORY