4 Replies Latest reply on Jan 10, 2022 1:25 PM by Subbu K

    Audit logs for REST calls using BES

    Sundar Sankarapandian Active Member

      Hi All,

       

      Is there any way to track (or) audit the REST call transactions we do on Business Entity Services.?

       

      When using SIF calls through EJB's, we can track the audit by enabling C_REPOS_AUDIT.  For BES with REST calls do we have anything similar other than checking the transaction logs from cmxserver and cmxcleanse.?

        • 1. Re: Audit logs for REST calls using BES
          Sundar Sankarapandian Active Member

          Got response from INFA and an enhancement request is raised for this (MDM-20358)

          • 2. Re: Audit logs for REST calls using BES
            Jani Painokallio New Member

            Is there update for this MDM-20358 request? Is there way to set audit for these?

            • 3. Re: Audit logs for REST calls using BES
              Priyesh Gupta Seasoned Veteran

              Hi Sundar,

               

              If you are looking for the request and response as workaround you follow below steps  ....

               

              How to print the request and response from a Jboss HTTP(S) request

               

               

              Background:

               

              There are many times when we want to capture/validate the HTTP request that is being processed by the jboss server. Instances include:

              1. To isolate LB issues to ensure session stickiness
              2. To isolate cookie issues from client to server
              3. Access log cannot print the whole information as we do not know all the headers and the cookie names.

              Steps:

              • To enable:

              /subsystem=undertow/configuration=filter/expression-filter=requestDumperExpression:add(expression="dump-request") /subsystem=undertow/server=default-server/host=default-host/filter-ref=requestDumperExpression:add

              • To disable:

              /subsystem=undertow/server=default-server/host=default-host/filter-ref=requestDumperExpression:remove

                /subsystem=undertow/configuration=filter/expression-filter=requestDumperExpression:remove

               

              Regards,

              Priyesh

              • 4. Re: Audit logs for REST calls using BES
                Subbu K Guru

                Another option that can be used is through log4j.

                 

                BES input and output messages are available in cmxsever log but only in DEBUG mode.

                 

                a) Enable DEBUG mode only for BES messages, keep others in WARN or ERROR mode, as you could be doing this in production.

                b) Route the above DEBUG messages into a separate file appender

                c) The specific appended can be a da simple file writer

                 

                All the above can be done directly in log4j without custom coding.

                 

                Now you should be able to track all input and output messages through a file or a database table.

                 

                Of course, above changes may affect the performance a little, but it depends on how fast your file writing/db writing would be during a transactional window. Overall, it should not impact the performance badly as these would be called only during BES operations.