Page History
...
The Audit Log is written by the JS7 - REST Web Service API. and is maintained for all job-related objects such as Workflows, Orders, etc., whose states are modified by users carrying out actions such as starting, stopping or suspending an Order. It uses a format that is human and machine readable and fulfills the following main functions:
- provide provision of a compliance-conform record in a simple file format that can be archived and handed over to a compliance officer,
- provide provision of operational records of job scheduling activities for reporting purposes,
- provide provision of an operational record that is readily accessible to operating staff,
- provide provision of a second source of operational information if the database used to store operational records is not available.
...
- The Audit Log is written automatically by the JS7 Web Services:
- Entries to the Audit Log are made when an action that changes the state of a JS7 Object is initiated in the JOC Cockpit or other application accessing the JobScheduler Web Services.
- There is no mechanism for switching off the Audit Log.
- The Audit Log is written in two locations simultaneously:
- In the DBMS used by the JS7 Web Services:
- This instance is used by the JOC Cockpit to allow operators to view the Audit Log information.
- It is also used by the JOC Cockpit to generate a Microsoft Excel®-compatible export file for reporting purposes.
- In the Audit Log file:
- It is intended that this file is archived and used as a compliance record. System Administrators can make a copy of this file available to operating staff should the DBMS should not be available.
- The Audit Log file is named
audit.log
and located in- the
jetty_base/logs
folder on Linux systems and on Windows wherejetty_base
is the directory containing the Jetty web server configuration files as described in the JS7 - Log Files and Locations article.
- the
- In the DBMS used by the JS7 Web Services:
- All new entries will be added to the Audit Log - neither the log file nor the DBMS records are overwritten.
- System administrators have to arrange an archiving and housekeeping system for the Audit Log file according to relevant compliance laws and corporate governance.
- It is the responsibility of system administrators to check compliance requirements such as the retention period for the information contained in the Audit Log file.
- The Audit Log is visible in the JOC Cockpit to:
- Users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
- The default authorization permissions for the Audit Log which are configured for the JOC Cockpit are listed in the Permissions Matrix shown in the Authentication and Authorization - Permissions for the JOC Cockpit Web Service article.
- System Administrators with access to the DBMS used by the JOC Cockpit or the file system where the Audit Log file is written.
- Users with the appropriate permissions. The specification of user permissions is described in the Authentication and Authorization - Configuration article.
- The Audit Log is read-only for all JOC Cockpit users - only System Administrators that have access to both the file system and to the database can modify the log.
...
Users carrying out actions are able to add an explanatory comment comments - Reason, Time Spent and Ticket Link - for each action. These comments are entered as part of the specification of an action and are then saved in the Audit Log. They can then be read by all other JOC Cockpit users that have the necessary permissions. The form for the 'Add Order' action is shown as an example in the following screenshot:
...
Predefined Reasons are found in the User->Settings menu, see the above screenshot of the respective relevant page.
Individual Reasons
Individual Reasons can be entered in the text field as shown in the screenshot near the top of this page.
...
The arrow at the left hand side of each entry in the Audit Log view list allows to see more detailed information about the request submitted to the JS7 Web Services - the Request Body to be viewed. This opens in a new row in the Audit Log as shown in the following screenshot and includes information about the Controller by with which the order is to be processed onprocessed, as well as the order variables and start time:
...
The following sample shows a number of Web Service requests that have been performed by a user logging in with the the root user account who logged in at 03:06:50
and , who created a new folder to import and deploy workflows and to finally add added a number of orders to a workflow workflow:
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
2021-08-03T02:54:43,440 INFO REQUEST: ./orders/add - USER: root - PARAMS: {"controllerId":"testsuite","orders":[{"workflowPath":"/ap/apWarnIfShorterThan","scheduledFor":"now"}],"auditLog":{}} - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T02:54:49,822 INFO REQUEST: ./orders/add - USER: root - PARAMS: {"controllerId":"testsuite","orders":[{"workflowPath":"/ap/apWarnIfLongerThan","scheduledFor":"now"}],"auditLog":{}} - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T02:56:29,752 INFO REQUEST: ./inventory/store - USER: root - PARAMS: {"objectType":"WORKFLOW","path":"/ap/apSomethingNew","valid":false,"configuration":{}} - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T03:06:50,940 INFO REQUEST: ./login - USER: root - PARAMS: - - COMMENT: all - TIMESPENT: - - TICKET: - 2021-08-03T03:06:55,543 INFO REQUEST: ./inventory/store - USER: root - PARAMS: {"path":"/TestRuns/Test0000000070","objectType":"FOLDER","valid":true} - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T03:06:56,241 INFO REQUEST: ./inventory/import - USER: root - PARAMS: - - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T03:06:57,581 INFO REQUEST: ./inventory/deployment/deploy - USER: root - PARAMS: {"controllerIds":["testsuite"],"store":{"draftConfigurations":[{"configuration":{"path":"/TestRuns/Test0000000070","objectType":"FOLDER","recursive":true}}]}} - COMMENT: - - TIMESPENT: - - TICKET: - 2021-08-03T03:07:03,477 INFO REQUEST: ./orders/add - USER: root - PARAMS: {"controllerId":"testsuite","orders":[{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}},{"workflowPath":"/TestRuns/Test0000000070/tcpForkBalanced_001-imported","orderName":"Test0000000070","arguments":{}}, ... |
...
Depending on the number of deployments and interventions to the cause of order execution the Audit Log can grow to some a considerable size.
The Audit Log in the JS7 database is purged by the JS7 - Cleanup Service. However, users who prefer to implement their own housekeeping and archiving according to their business and compliance requirements can disable purge purging of the Audit Log by the Cleanup Service.
...