Dynamic workload scheduling audit

Description

When you select the dynamic scheduling capability at installation time, the auditing feature is automatically installed. By default, the auditing feature is disabled.

Auditable events are as follows:
JobDefinitionAuditEvent
Maintains a track of operations performed on job definitions.
JobLogAuditEvent
Maintains a track of operations performed on job logs.
JobAuditEvent
Maintains a track of operations performed on jobs.
ResourceAuditEvent
Maintains a track of operations performed on resources.
RelationshipAuditEvent
Maintains a track of operations performed on relationships between resources.
RecoveryActionAuditEvent
Maintains a track of operations performed on recovery actions.
HistoryDataAuditEvent
Maintains a track of operations performed on historical data.
To configure the auditing of events, enable the auditing feature and optionally change the default values in the configuration file to define event types to be audited. The configuration file is located in the following path:
TWA_home\TDWB\config\audit.properties

Configuring the audit

Configure one or more of the properties in the audit.properties file to enable and configure auditing:
audit.enabled
Specifies whether the auditing feature is enabled or disabled. The default value is false. Supported values are as follows:
false
The auditing feature is not enabled.
true
The auditing feature is enabled.
onSecurityEnabled
The auditing feature is enabled if global security is enabled on WebSphere Application Server Liberty Base.
audit.consumer.file.auditFilePrefix
Specifies the file prefix for the auditing log file. The file name is defined using the file prefix plus the _auditN.log suffix, where N is a progressive number. If you want the date and time of the file creation specified in the file prefix, use the default format: ‘tdwb_'yyyy-MM-dd. For instance, using the default prefix ‘tdwb_'yyyy-MM-dd generates the tdwb_2010-12-20_auditN.log family of files. Note that the text between single quotation marks (') is not processed by the program and remains unchanged. This format creates a different file for each day the auditing feature is enabled. Also, changing the prefix to ‘tdwb_'yyyy-MM generates the tdwb_2010-12_auditN.log family of files. This format creates a different file for each month the auditing feature is enabled.

You can modify this format as required to create files on a weekly, monthly or yearly basis, depending on your auditing requirements. Depending on the date and time format you choose, the maximum size and number of log files vary. The maximum size and number of log files are defined using the audit.consumer.file.maxFileSize and audit.consumer.file.maxAuditFiles properties respectively. Use these three parameters to control the size of the audit logs stored. For example, using the default values for these parameters, then every day you will have a maximum of 10 MB x 100 files each day. Once the maximum is reached, the first file created is overwritten. If you want use less space to store audit logs, you can decided to change the maximum number of files or only have files on a monthly basis, by specifying the format for the audit.consumer.file.auditFilePrefix property as ‘tdwb_'yyyy-MM.

audit.consumer.file.auditFileLocation
Specifies the path where the log files are created. The default path is /audit.
audit.consumer.file.maxFileSize
Specifies the maximum size in bytes of the log files. When a file reaches the maximum size, a new log file is created. The default value is 10000000 bytes (10 MB). This is also the highest supported value.
audit.consumer.file.maxAuditFiles
Specifies the maximum number of files with a specific prefix. When all files reach the maximum size and the maximum number of files is exceeded, the oldest file with a specific prefix is overwritten. The default value is 100 files. This is also the highest supported value.

Configuring dynamic audit events

The following table lists the supported actions and properties for each event with the related default values. You can configure these values in the audit.properties file.
Table 1. Auditable event properties
Event Action Property Default value
JobDefinitionAuditEvent create audit.tdwb.JobDefinitionAuditEvent.create.enabled true
delete audit.tdwb.JobDefinitionAuditEvent.delete.enabled true
get audit.tdwb.JobDefinitionAuditEvent.get.enabled true
query audit.tdwb.JobDefinitionAuditEvent.query.enabled false
update audit.tdwb.JobDefinitionAuditEvent.update.enabled true
JobLogAuditEvent get audit.tdwb.JobLogAuditEvent.get.enabled true
JobAuditEvent cancel audit.tdwb.JobAuditEvent.cancel.enabled true
get audit.tdwb.JobAuditEvent.get.enabled true
query audit.tdwb.JobAuditEvent.query.enabled false
submit audit.tdwb.JobAuditEvent.submit.enabled true
ResourceAuditEvent create audit.tdwb.ResourceAuditEvent.create.enabled true
delete audit.tdwb.ResourceAuditEvent.delete.enabled true
query audit.tdwb.ResourceAuditEvent.query.enabled false
resume audit.tdwb.ResourceAuditEvent.resume.enabled true
suspend audit.tdwb.ResourceAuditEvent.suspend.enabled true
update audit.tdwb.ResourceAuditEvent.update.enabled true
RelationshipAuditEvent create audit.tdwb.RelationshipAuditEvent.create.enabled true
delete audit.tdwb.RelationshipAuditEvent.delete.enabled true
query audit.tdwb.RelationshipAuditEvent.query.enabled false
RecoveryActionAuditEvent invoke audit.tdwb.RecoveryActionAuditEvent.invoke.enabled true
HistoryDataAuditEvent move audit.tdwb.HistoryDataAuditEvent.move.enabled true

By default, auditing is disabled for query actions, while all the other actions are enabled. If the auditing feature is disabled, all properties are ignored.