13.2.2 Audit Logs of Output by the Tenant Management, Accounting, Access Control and System Condition

This section explains audit logs of output by the tenant management, accounting, access control and system condition functions.

Point

If L-Platform Management is operated, audit logs will be output to Configuration Manager. Refer to "13.2.1 Configuration Management Audit Log"for details.
Audit logs relating to the registration, modification or deletion of infrastructure administrators, infrastructure operators, infrastructure monitors, administrators, operators and/or monitors can be checked in the OpenDS access log.
The storage locations and file names of OpenDS access logs are as follows.
[Windows]
<OpenDS Installation directory>\opends\logs\access
[Linux]
/opt/fujitsu/ServerViewSuite/opends/logs/access
Refer to the OpenDS website for details on OpenDS access logs.
URL: https://docs.opends.org/2.2/page/DefAccessLog (As of February2012)

Output format

Audit logs are CSV files where the following items are output in the following order:

Output format
operation date/time,user ID,tenant name,operation type,operation information,operation result

Item	Description
operation date/time	The date/time when the operation was performed. The date/time is output using the following format: YYYY-MM-DD HH:MM:SS.sss (local time)
user ID	The user ID of the user that performed the operation.
tenant name	The tenant name of the user that executed the operation. If the operation is performed from tenant management GUI, the tenant name is fixed as "ctmgadm".
operation type	The type of the operation performed. Refer to "Operation types and operation information" for details.
operation information	Detailed information for the operation type. Refer to "Operation types and operation information" for details.
operation result	The result of the operation performed. One of the following values is output: SUCCESS: When the operation was successful FAILURE: When the operation failed

Output files

Audit logs are output to the following files:

Function	Output file
Tenant management (GUI operations from the ROR Console)	[Windows] <Installation directory for this product>\RCXCTMG\SecurityManagement\log\ctsec_audit_a.log [Linux] /var/opt/FJSVctsec/log/ctsec_audit_a.log
Tenant management (creating users from the ROR Console: Provisional account registration method)	[Windows] <Installation directory for this product>\RCXCTMG\SecurityManagement\log\ctsec_audit_s.log [Linux] /var/opt/FJSVctsec/log/ctsec_audit_s.log
Accounting	[Windows] <Installation directory for this product>\RCXCTMG\Charging\log\ctchg_audit.log [Linux] /var/opt/FJSVctchg/log/ctchg_audit.log
Access Control	[Windows] <Installation directory for this product>\RCXCTMG\SecurityManagement\log\ctac_audit.log [Linux] /var/opt/FJSVctsec/log/ctac_audit.log
System condition	[Windows] <Installation directory for this product>\SWRBAM\CMDB\FJSVcmdbm\var\log\audit\uigui\cmdb_audit.log [Linux] /opt/FJSVcmdbm/var/log/audit/uigui/cmdb_audit.log

Procedure for changing the file size and the number of generations held

By default, audit log files are rotated when they reach 10 MB.
To change the maximum size of audit log files or the maximum number of generations held, perform the following procedure:

Stop the manager.
Refer to "7.2 Starting and Stopping the Manager" in the Setup Guide CE for information on how to stop the manager.

Edit the appropriate items in the following definition files:

Definition files

Function	Definition file
Tenant management (GUI operations from the ROR Console)	[Windows] <Installation directory for this product>\RCXCTMG\conf\auditsecalog4j.xml [Linux] /etc/opt/FJSVctmg/conf/auditsecalog4j.xml
Tenant management (creating users from the ROR Console: Provisional account registration method)	[Windows] <Installation directory for this product>\RCXCTMG\conf\auditsecslog4j.xml [Linux] /etc/opt/FJSVctmg/conf/auditsecslog4j.xml
Accounting	[Windows] <Installation directory for this product>\RCXCTMG\conf\auditchglog4j.xml [Linux] /etc/opt/FJSVctmg/conf/auditchglog4j.xml
Access Control	[Windows] <Installation directory for this product>\RCXCTMG\conf\auditaclog4j.xml [Linux] /etc/opt/FJSVctmg/conf/auditaclog4j.xml
System condition	[Windows] <Installation directory for this product>\SWRBAM\CMDB\FJSVcmdbm\CMDBConsole\WEB-INF\classes\log4j.properties [Linux] /opt/FJSVcmdbm/CMDBConsole/WEB-INF/classes\log4j.properties

Setting items

Setting item	Description
MaxFileSize	This item sets the maximum size of audit log files. The file size can be specified using a combination of an integer greater than 0 and a unit (KB, MB or GB). (1), (2) Example: <param name="MaxFileSize" value="500KB"/>
MaxBackupIndex	This item sets the maximum number of generations of the audit log file. An integer greater than 0 can be specified. (*1) Example: <param name="MaxBackupIndex" value="50"/>

*1: Do not specify decimal fractions. Also, do not leave a blank space.
*2: Do not specify a maximum file size that is larger than the size of the disk. Conversely, do not set values that are too small for the maximum file size, or else the logs will be overwritten frequently.

Start the manager.
Refer to "7.2 Starting and Stopping the Manager" in the Setup Guide CE for information on how to start the manager.

Operation types and operation information

The following table shows the operation types and operation information that are output to audit logs:

Function	Operation type	Content	Operation information (*1)
Tenant management (GUI operations from the ROR Console)	registUser	Notify user registration	"mail=""xxx@com"""
	createUser	Create users	"userid=""<user ID of the user created>""&mail=""xxx@com"" &lastname=""<last name>""&firstname=""<first name> ""&auth=""tenant_admin\|tenant_operator\|tenant_monitor\|tenant_user"" &explanation=""xxxx""&corporatename=""fujitsu"" &emergencymail=""yyy@com""&emergencytel=""0000""" (only if the infrastructure administrator performed or the tenant administrator performed by the direct registration method)
	deleteUser	Delete users	"userid=""<user ID of the user deleted>"""
	updateUser	Update user information	"userid=""<user ID of the user updated>""&mail=""xxx@com"" &lastname=""<last name>""&firstname=""<first name>""" &auth=""infra_admin\|infra_operator\|administrator\|monitor\|operator\|tenant_admin\|tenant_operator\|tenant_monitor\|tenant_user"" &explanation=""xxxx""&corporatename=""fujitsu"" &emergencymail=""yyy@com""&emergencytel=""0000"""
	listUser	Get a list of user information	None.
	moveUser	Relocate users	"userid=""<user ID of the user that has been relocated>""&oldorgid=""<tenant name of the original tenant>"" &neworgid="" tenant name of the tenant to which the user has been relocated"""
	updatePassword	Update passwords	"userid=""<user ID of the user whose password has been updated>"""
	createOrg (2) (3)	Create an tenant	"orgid=""<tenant name of the tenant that has been created>""&orgname=""<tenant name>"" &mail=""xxx@com""&globalpool=""<global pool that has been set>"""
	deleteOrg (*3)	Delete tenants	"orgid=""<tenant name of the tenant that has been deleted>"""
	updateOrg (2) (3)	Update tenant information	"orgid=""<tenant name of the tenant that has been updated>""&orgname=""<tenant name>"" &mail=""xxx@com""&globalpool=""<global pool that has been set>"""
	listOrg	Get a list of tenant information	None.
Tenant management (creating users from the ROR Console: Provisional account registration method)	createUser	Create users	"userid=""<user ID of the user created>""&mail=""xxx@com"" &lastname=""<last name>""&firstname=""<first name>""""&auth=""tenant_user"" &explanation=""xxxx""&corporatename=""fujitsu"" &emergencymail=""yyy@com""&emergencytel=""0000"""
Accounting	updatePMaster	Update product master	None.
	listPMaster	Get a list of product master	None.
	updateMlogSch	Update periodic log schedule settings	"use=""yes\|no""&time=""<time of output of periodic log>""&type=""<frequency of output of periodic log>""&day=""<day of output of periodic log>"""
	listMlogSch	Get a list of periodic log schedule settings	"use=""yes\|no""&time=""<time of output of periodic log>""&type=""frequency of output of periodic log""&day=""<day of output of periodic log>"""
	listMeteringlog	Get a list of metering logs	"start=""<start date of the acquisition period>""&end=""<end date of the acquisition period>"" &type=""event\|period"""
	deleteMlog	Delete metering logs	"retention=""<log entry retention period>"""
Access Control	updateAuthority	Access authority modifications	"roleid=""<role name of modification target>"" &actionid=""<action ID of modification target>"" &permission=""<allow/deny status of specified action>""" (The above information will be output as follows: one information item when a role name is specified, or if a file is specified, the number of information items will match the number of action IDs.)
System condition (*4)	dispUsageStatus	Display usage condition	None.

*1: If a value is not set for an item, """" is output.
An example is shown below.

... &globalpool=""""...

*2: If multiple global pools have been set, the global pools are output separated by commas.
An example is shown below.

...&globalpool=""/AddressPool,/ImagePool""...

*3: For the operation result of createOrg, deleteOrg, or updateOrg, the processing result will be output. Use the operation log (resource operation) to check the actual processing result. Refer to "13.1 Operation Logs" for information on how to check the operation log (resource operation).

*4: Audit logs for usage condition are output only when operations are performed from the ROR Console.