User access logging

User access logging track and monitor users activities in DOORS® Next and Jazz® Foundation. The logging mechanism captures various user actions against application artifacts such as access to sensitive data or features, updates to user settings, configurations, projects, and artifact URIs.

About this task

The user access logging primarily:
  • Captures user actions that are performed on an artifact.
  • Records all incoming HTTP requests from a client (user through web browser, Rich Client, or automation).
  • Provides the ability to enable and disable the user access logs. By default the user access logging is disabled.
  • Provides the ability to configure an access log file based on the supported features of log4j2 such as message layout and log file name, size, and rollover.
  • Facilitates auditing and compliance requirements.

The user access logging is disabled by default, but you can enable it by setting the configuration property in the Advanced Properties page and adding the com.ibm.team.repository.service.audit.access.enableUserAccessLogging=true system property in the server.startup script.

The name of the new log files are rm-access.log and jts-access.log and are available at JazzInstallDir/server/liberty/servers/clm/access.

Procedure

  1. Go to JazzInstallDir/server and open the server.startup (server.startup.bat on Windows) file for editing.
  2. Add the following line to the file:
    For Windows operating system 
    set JAVA_OPTS=%JAVA_OPTS% -Dcom.ibm.team.repository.service.audit.access.enableUserAccessLogging=true
    For Unix operating systems 
    JAVA_OPTS="$JAVA_OPTS -Dcom.ibm.team.repository.service.audit.access.enableUserAccessLogging=true"
  3. Save and close the file.
  4. Restart the server.
  5. Navigate to Application > Advanced Properties > com.ibm.team.repository.service.audit.access.AccessAuditService.
  6. Set the Enable user access audit logging to true.
  7. If you want to enable detailed logging, set the Enable user access audit service for detailed logging to true.
    The user access audit logging captures details like HTTP request methods, headers, parameters, and other basic details. It does not captures the content within the request body.
    Note: Detailed logging increases the system load proportionally to the amount of data logged. If the detailed logging affects the system performance, disable the detailed logging.

    Enabling detailed logging will write the basic logging and the content from the request body (excluding binary data).