Enabling enhanced audit logging
If your company needs to maintain an audit history of actions that are completed against your shoppers' personal data, you can enable enhanced audit logging.
About this task
The enhanced audit logging uses the AuditLogging helper to log any action that is completed against a shopper's personal data. The audit logging also includes the user that completed the action and the type of data affected.
- Any REST API read operation that is performed on a shopper's personal data by anyone other than the shopper is logged. For instance, if one of your customer service representatives accesses data for a shopper, the action is logged.
- Any REST API update or delete operation that is performed on shopper personal data is logged.
Procedure
- Create a custom Docker image to set the trace specification. Then, you can distribute the custom Docker image.
- Enable trace for the following logger: com.ibm.commerce.businessaudit.util.AuditLoggingHelper. The trace string resembles the following string.
  com.ibm.commerce.businessaudit.util.AuditLoggingHelper=all
Results
Example
[2/9/18 14:29:21:925 EST] 00000161 AuditLoggingH A com.ibm.commerce.rest.member.handler.PersonHandler findByUserId(String storeId, String userId) [ audit=customer ] [ sourceIp=127.0.0.1 ] CWXCM0001A User csr1 (11003) read personal data of user shopper12 (13005)
[3/16/18 13:43:49:405 IST] 000002ea AuditLoggingH A com.ibm.commerce.user.beans.UserDisplayDataBean populate [ audit=customer ] [ sourceIp=0:0:0:0:0:0:0:1 ] CWXAC0001A: User wcsadmin (-1000) read personal data of user aur_csr001 (8002)
[3/16/18 13:43:55:353 IST] 000002ea AuditLoggingH A com.ibm.commerce.usermanagement.commands.UserRegistrationAdminUpdateCmdImpl performExecute [ audit=customer ] [ sourceIp=0:0:0:0:0:0:0:1 ] CWXAC0003A: User wcsadmin (-1000) updated personal data of user aur_csr001 (8002)
[3/16/18 13:45:00:631 IST] 00000050 AuditLoggingH A com.ibm.commerce.order.beans.OrderDataBean populate [ audit=customer ] [ sourceIp=0:0:0:0:0:0:0:1 ] CWXAC0001A: User wcsadmin (-1000) read order of user aur_user001 (3002)
[3/16/18 13:45:15:029 IST] 00000050 AuditLoggingH A com.ibm.commerce.orderitems.commands.OrderItemBaseCmdImpl performExecute [ audit=customer ] [ sourceIp=0:0:0:0:0:0:0:1 ] CWXAC0003A: User wcsadmin (-1000) updated order of user aur_user001 (3002)
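To review these entries in bulk, the following Python parser is an added example, not part of the product or its documentation. It reads entries in the format shown above, including entries wrapped across lines, and reports which users touched another user's data. The function names, the `com.example.SelfUpdateCmd` class, and all sample lines after the first are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Start of a new trace entry, e.g. "[3/16/18 13:43:49:405 IST] ".
ENTRY_START = re.compile(r"^\[\d{1,2}/\d{1,2}/\d{2} [\d:]+ \w+\] ")

# Field layout taken from the example entries on this page. The colon after
# the message ID is optional because the page shows both forms.
AUDIT_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] (?P<thread>\S+) AuditLoggingH A (?P<source>.+?) "
    r"\[ audit=(?P<audit>\w+) \] \[ sourceIp=(?P<ip>\S+) \] "
    r"(?P<msgid>\w+):? User (?P<actor>\S+) \((?P<actor_id>-?\d+)\) "
    r"(?P<action>\w+) (?P<data>.+?) of user (?P<subject>\S+) \((?P<subject_id>-?\d+)\)$"
)

# Constructed sample: a wrapped entry in the page's format, a CSR update,
# a shopper updating their own data, and a non-audit trace line.
SAMPLE = """\
[2/9/18 14:29:21:925 EST] 00000161 AuditLoggingH A com.ibm.commerce.rest.member.handler.PersonHandler
findByUserId(String storeId, String userId) [ audit=customer ] [ sourceIp=127.0.0.1 ] CWXCM0001A User csr1 (11003) read personal data of user shopper12 (13005)
[2/9/18 14:30:02:110 EST] 00000161 AuditLoggingH A com.ibm.commerce.usermanagement.commands.UserRegistrationAdminUpdateCmdImpl performExecute [ audit=customer ] [ sourceIp=127.0.0.1 ] CWXAC0003A: User csr1 (11003) updated personal data of user shopper12 (13005)
[2/9/18 14:31:40:007 EST] 00000170 AuditLoggingH A com.example.SelfUpdateCmd performExecute [ audit=customer ] [ sourceIp=127.0.0.1 ] CWXAC0003A: User shopper12 (13005) updated personal data of user shopper12 (13005)
[2/9/18 14:31:41:000 EST] 00000170 SomeOtherLog I unrelated trace line
"""

def parse_entries(text):
    """Rejoin wrapped lines into entries and return the audit ones as dicts."""
    raw = []
    for line in text.splitlines():
        if ENTRY_START.match(line):
            raw.append(line)
        elif raw and line.strip():
            raw[-1] += " " + line  # continuation of a wrapped entry
    matches = (AUDIT_RE.match(" ".join(r.split())) for r in raw)
    return [m.groupdict() for m in matches if m]

def access_by_others(entries):
    """Map actor -> {(action, data, subject)} where the actor is not the data subject."""
    seen = defaultdict(set)
    for e in entries:
        if e["actor_id"] != e["subject_id"]:
            seen[e["actor"]].add((e["action"], e["data"], e["subject"]))
    return dict(seen)

if __name__ == "__main__":
    for actor, items in access_by_others(parse_entries(SAMPLE)).items():
        print(actor, sorted(items))
```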