Security Logs

ESM creates two types of security logs: security log and configuration log. These logs record important configuration changes, which may affect the security of the application for example by changing permissions or authentication settings. Both logs store the time and type of the change and user who executed the action.

Logs are created by Log4j library and can be customized using webapp\WEB-INF\custom-log.properties file. If file doesn't exists then webapp\WEB-INF\classes\custom-log.properties is used, but it will be overridden on each update. To customize log location user must add JVM parameter efecte.logs.path="...".

Default location for security logs are:

• for Windows installations: EFECTE_INSTALLATION_DIR\log
• for Linux installations: EFECTE_INSTALLATION_DIR\tomcat\log

Logs are divided into two separate files:

• efecte_configuration.log
• efecte_security.log

Security Log

Security log logs the following events:

• Logins with a local account (who, when, where from [IP])
• Failed login attempts with a local account
• Logouts with a local account
• Successful AND failed changes on User “security settings”
  • User level changes
  • Authentication method
  • Password
  • Username
• User permission changes
  • user given a role
  • removed a role
•  Creating a role
•  Deleting a role
•  Creating a user  
• Deleting a user
• Giving a module permission to a role (write, read-only, none)
• Removing a module permission from a role
• Giving an administrative permission to a role
• Removing an administrative permission from a role
• Editing Search and user interface settings of a role
• Deleting a user folder (causes role & user deletion)
• Creating a user folder
• Changes in EUP configuration of a template (log the EUP path, old and new)

Configuration Log

Configuration log logs the following events:

• Deleting a template
• Deleting an attribute (affects these templates / classes)
• Adding a template
• Adding an attribute (affects these templates / classes)
• Deleting a folder
• Adding a folder
• Deleting a group/class (affects these templates / classes)
• Adding a group/class (affects these templates / classes)
• Adding an attribute to a group/class (affects these templates / classes)
• Removing an attribute from a group/class (affects these templates / classes)
• Adding a group/class to a template (affects these templates / classes)
• Removing a group/class from a template (affects these templates / classes)

Local Password Strength

It’s possible to define length and other requirements for local passwords (stored in Efecte Service Management database).

Platform setting password.rule.regexp contains the configuration as a regular expression.