Configuring security auditing using scripting
Security auditing provides tracking and archiving of auditable events. This topic uses the wsadmin tool to enable and administer your security auditing configurations.
About this task
- Determine the time that a specific user attempted to access a resource.
- View information for successful and unsuccessful attempts to access resources.
- Review changes to resources that were made by a specific user.
- Determine the cause of unsuccessful login attempts.
Use the following task outline to enable and configure security auditing in your environment:
Procedure
- Enable administrative security in your environment.
- Configure auditable
events. The security auditing configuration provides four default auditable filters. Use this topic to configure filters for additional audit events.
- Configure audit
event factories. The security auditing configuration provides a default event factory. Use this topic to configure additional audit event factories.
- Configure audit service
providers. The security auditing configuration provides a default service provider. Use this topic to configure additional audit service providers.
- Set the global audit
policy. After setting up audit event factories, service providers, and events, use this topic to enable security auditing.