Hi Bram, indeed, it looks as if the documentation is outdated in this case. I checked the code and the mechanism for auditing is not used anymore. I'm not sure, when this was changed. And currently there is no alternative audit mechanism.
The only alternative ( but this is not really an audit log ) would be to change the log4j2.xml and set the logger configuration for the logger org.apache.archiva.redback.rest.services.DefaultLoginService to debug. You can redirect the logging of this logger to the archiva-security-audit.log by: <logger name="org.apache.archiva.redback.rest.services.DefaultLoginService" additivity="false" level="debug"> <appender-ref ref="redbackAuditLog" /> </logger> And you should better set the immediateFlush="true" attribute on the appender. Sorry for that. Regards Martin Am Samstag, 26. Juni 2021, 14:45:39 CEST schrieb Bram Van Dam: > Greetings, > > I'm running Archiva 2.2.5 and I'm having some difficulty getting audit > logging to work. > > The documentation [1] seems to suggest that it should Just Work and log > user logins etc, but the file remains empty. Regular logging seems to > work reasonably well [2], it's just this one logfile that doesn't seem > to want to cooperate. > > I've tried increasing the log level for the redbackAuditLog to debug, > but that hasn't made any difference. > > Any pointers in the right direction would be much appreciated :-) > > - Bram > > [1] https://archiva.apache.org/docs/2.2.5/adminguide/security-logs.html > > [2] archiva.log contains very rudimentary "login failed" events, but > doesn't include a remote IP address, only the username. And the request > log logs login failures with status code 500, making it very difficult > to do any meaningful auditing. > >