Configuring audit logging for role based access control activity
The audit logging feature in Cloud
APM logs
significant events relating to role-based access control activity. The output of the audit logging
feature helps you to determine the following information:
- Who (user, service, or process) initiated the action?
- What activity occurred and what was the result?
- When did the activity occur?
- Where was the activity observed?
- What resource did the activity target?
- Where did the activity get initiated?
- Where was the target of the activity?
Note: The audit logging feature does not capture events relating to user authentication, for
example, it does not capture if a user is created or deleted, but it does capture if a user is added
to a role, or deleted from a role. All activity on the Role Based Access Control page conducted by a
role administrator is captured.
Each audit log event is written as a single line in the audit log file. A single audit log event
has the following general
structure:
<AuditEvent ...>
<Who … />
<What …/>
<When …/>
<OnWhat …/>
<Where …/>
<WhereFrom …/>
<WhereTo …/>
</AuditEvent>
<AuditEvent ...>
The PD Collector tool is the Problem Determination Collector tool. You use the PD Collector tool to gather required logs and other problem determination information. The output of the PD Collector tool is requested by IBM® Support if you open a support ticket. The audit log and trace log files are collected when you run the PD collector tool. For more information, see the Troubleshooting and support.