Hi Bram,
indeed, it looks as if the documentation is outdated in this case. I checked
the code and the mechanism for auditing is not used anymore. I'm not sure
when this was changed. And currently there is no alternative audit mechanism.

The only alternative (but this is not really an audit log) would be to
change the log4j2.xml and set the logger configuration for the logger
org.apache.archiva.redback.rest.services.DefaultLoginService
to debug.

You can redirect the logging of this logger to the archiva-security-audit.log
by:

    <logger name="org.apache.archiva.redback.rest.services.DefaultLoginService"
            additivity="false" level="debug">
      <appender-ref ref="redbackAuditLog" />
    </logger>

And it would be better to set the immediateFlush="true" attribute on the appender.
Sorry for that.
Regards
Martin
On Saturday, 26 June 2021, 14:45:39 CEST, Bram Van Dam wrote:
> Greetings,
>
> I'm running Archiva 2.2.5 and I'm having some difficulty getting audit
> logging to work.
>
> The documentation [1] seems to suggest that it should Just Work and log
> user logins etc, but the file remains empty. Regular logging seems to
> work reasonably well [2], it's just this one logfile that doesn't seem
> to want to cooperate.
>
> I've tried increasing the log level for the redbackAuditLog to debug,
> but that hasn't made any difference.
>
> Any pointers in the right direction would be much appreciated :-)
>
> - Bram
>
> [1] https://archiva.apache.org/docs/2.2.5/adminguide/security-logs.html
>
> [2] archiva.log contains very rudimentary "login failed" events, but
> doesn't include a remote IP address, only the username. And the request
> log logs login failures with status code 500, making it very difficult
> to do any meaningful auditing.
>
>
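
A check for the logger setup described in the reply above, as an added example that is not part of the original messages or of Archiva's code: it parses a log4j2.xml and reports where it deviates from that setup. The sample configuration is constructed; its appender type, file name placeholder and layout are assumptions, and only the logger name, the redbackAuditLog reference and the attributes named in the reply come from the thread.

```python
import xml.etree.ElementTree as ET

LOGIN_LOGGER = "org.apache.archiva.redback.rest.services.DefaultLoginService"
AUDIT_APPENDER = "redbackAuditLog"

# Constructed sample, not Archiva's shipped log4j2.xml: the appender type,
# the LOGDIR placeholder and the layout are assumptions for this demonstration.
SAMPLE = """<configuration>
  <appenders>
    <RandomAccessFile name="redbackAuditLog" fileName="LOGDIR/archiva-security-audit.log"
                      immediateFlush="false">
      <PatternLayout pattern="%d %m%n"/>
    </RandomAccessFile>
  </appenders>
  <loggers>
    <logger name="org.apache.archiva.redback.rest.services.DefaultLoginService"
            additivity="false" level="info">
      <appender-ref ref="redbackAuditLog"/>
    </logger>
  </loggers>
</configuration>"""

def check_audit_config(xml_text):
    """Return the ways a log4j2.xml deviates from the setup described in the reply."""
    root = ET.fromstring(xml_text)
    problems = []
    # Compare tags lowercased so <Logger> and <logger> are both recognised.
    loggers = [e for e in root.iter()
               if e.tag.lower() == "logger" and e.get("name") == LOGIN_LOGGER]
    if not loggers:
        problems.append("no logger for " + LOGIN_LOGGER)
    for lg in loggers:
        if (lg.get("level") or "").lower() not in ("debug", "trace", "all"):
            problems.append("logger level is not debug")
        refs = [r.get("ref") for r in lg if r.tag.lower() == "appender-ref"]
        if AUDIT_APPENDER not in refs:
            problems.append("logger does not reference " + AUDIT_APPENDER)
        if (lg.get("additivity") or "true").lower() != "false":
            problems.append("additivity is not false")
    # The appender is whichever non-logger element carries the audit name.
    appenders = [e for e in root.iter()
                 if e.get("name") == AUDIT_APPENDER and e.tag.lower() != "logger"]
    if not appenders:
        problems.append("appender " + AUDIT_APPENDER + " is not defined")
    for ap in appenders:
        if (ap.get("immediateFlush") or "").lower() != "true":
            problems.append("immediateFlush is not set to true on " + AUDIT_APPENDER)
    return problems
```

Calling check_audit_config(open(path).read()) on the deployed log4j2.xml after an edit returns an empty list once the logger and appender match the reply.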