Java logger behavior

This section describes how the auditing feature behaves.

The auditing feature uses a Java™ logger framework, but directs the output to a configurable file. The name of the audit Java logger is visible on the Java logger interfaces.

You can enable or disable the output to the logger and adjust the level of log output by varying the log level in the Java run time.

The audit code uses a custom formatter. This means that the output format is the Security Access Manager XML audit file format. The Java logger namespace for auditing has a configurable component that allows each Java API exploiter to have a separate audit file and namespace.

The following are the loggers for authentication and management auditing:

com.tivoli.pd.rgy.audit.{blade}.authn - Authentication audit logging
com.tivoli.pd.rgy.audit.{blade}.mgmt - Management audit logging

where {blade} is the value of the configuration property appsvr-servername.

Note: If there are two separate instances of RgyRegistry in the same JVM, that use the same appsvr-servername value, the instance shares one audit log file. The instance that was created first defines the audit log file to be used. The second instance continues to use any existing logger of the same name.