GitHubContribute in GitHub: Open doc issue|Edit online

Server Audit Capabilities

You can audit IBM® Security Verify Directory Integrator events. Notifications are created for each event. You can know more about the audit capabilities through the information provided here.

The IBM® Security Verify Directory Integrator Audit Component enables the IBM® Security Verify Directory Integrator Server to audit events such as authentication and authorization in the Server API.

Notifications are generated when authentication and authorization (auth*) events occur. Audit data is packaged into an Entry and provided as user data in the notification. The "Audit Service" consists of a separate Audit config that is automatically loaded by the IBM® Security Verify Directory Integrator server. The Audit config contains auto-started Audit AssemblyLines. The Audit ALs iterate on the notification connector using suitable filters. IBM® Security Verify Directory Integrator users can even generate "user defined notifications" if they want to create audit events from within their own code.

IBM® Security Verify Directory Integrator auditing contains two main parts:

  • A way for generating the necessary audit information
  • An "Audit service" for handling existing audit data

Generating necessary audit information is implemented by creating IBM® Security Verify Directory Integrator Entries on each audit point in the Server API, and by broadcasting these Entries wrapped in a notification. For this purpose a new class is presented in the Server API (com.ibm.di.api.APIAuditor), that generates the Entry, attaches the Entry as UserData to a notification, and sends it to all interested listeners.

The "Audit Service" is the main consumer of the audit notifications. The Audit Service is a config consisting of several ALs that iterate on the Notification Connector. Using different filters can register to a variety of notification types.

  • Auditing scope
    Only those events can be considered for auditing which pass the listed criteria.
  • Suppression of notifications
    You can know more about suppression of notifications, commands to generate the suppressed event types, method to do the same through the information provided here.
  • Sending notifications
    You can deliver a notification to every registered Listener. Here is a list of notification delivery parameters.