Versions Compared

Old Version 1

changes.mady.by.user Catch Admin

Saved on

compared with

New Version 2

changes.mady.by.user Catch Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In Enterprise Tester 4.10, we are introducing a security audit logging mechanism. It is currently in BETA and defaults to be turned off for now, but for those interested in this feature we would love for you to give it a try and give us your feedback.

Supported Events

For the BETA in 4.10, the following events are supported by the audit logging feature:

  • Log on via username/password in browser
  • Log on via previously created remember-me cookie
  • Log on without username/password (single sign-on with crowd)
  • Log on - attaching to existing session (java applet for pasting screen shots)
  • Log on - failure due to username/password incorrect
  • Log on - failure due to license limit exceeded
  • Log on - failure due to account being disabled
  • Log on - failure due to exception
  • Log on via username/password (basic auth) for API call
  • Log on using apikey for API call
  • Log on using OAuth for API call
  • Log on - unauthorized because of invalid scheme or credentials for API call
  • Log on - OAuth validation failure (invalid signature, revoked token etc.) for API call
  • Session Started
  • Session End
  • User changed password (UI)
  • User failed to change password (UI)
  • User requests password reset
  • User completes password reset
  • Password reset URL has expired
  • Create a user
  • Delete a user
  • Enable user account
  • Disable user account
  • Create group
  • Delete group
  • Rename group
  • Add user to project
  • Remove user from project
  • Add user to group
  • Remove user from group
  • Set users for a group
  • Set groups for project
  • Set groups for user
  • Set global permissions on a user
  • Set global permissions on a group
  • set project-level permissions on a user
  • Set project-level permissions on a group
  • Insufficient permissions for API Request (Forbidden)
  • Insufficient permissions to access front-end page
  • Entity Viewed by front-end user

Turn it On!

To turn security audit logging you need to edit your logging.config file.  Typically you can find the logging.config file with your installation files :  C:\Program Files (x86)\Catch Limited\Enterprise Tester\Web\logging.config.

...

After saving changes the logging.config file, you must restart the Enterprise Tester application pool (or IIS) for the changes to take effect.

Reading the Audit Log

By default the security audit log events will be rendered like this:

...

The session and thread identifiers are specifically useful in correlating security events occurring for a specific user, browser or background process - as these may be logged out of order on a busy ET server which has many users accessing it concurrently.

Changing Output Format

For some Administrators, you may be looking to generate logs with either less information, or a different format, suitable for pushing into a 3rd party system - this is done by changing the conversion pattern.

...

Details of the conversion patterns available are here.

Integrating with syslog

Syslog is a standard for computer message logging - it's a way to separate software that generates log messages (such as Enterprise Tester's security audit logging) and tools/servers which can handle storage, reporting and analysis of those log messages (such as logstash).

...