Audit log ~ EAP


Quick note for JBoss ~ enabling Audit log

The audit log can be used ~ as the name says ~ to Audit information as who and when are logging. The original reference is here.

Audit log xml:

The following XML can be used as a model:

                <json-formatter name="json-formatter"/>
                <file-handler name="file" formatter="json-formatter" relative-to="" path="audit-log.log"/>
            <logger log-boot="true" log-read-only="false" enabled="true"> 
                    <handler name="file"/>


The output will be on the file:


Logger configuration ~ three configurations

JBoss Audit log has three configuration modes – that basically will filter the amount/type of data that will be recorded, as below:

Attribute Description
enabled true to enable logging of the management operations
log-boot true to log the management operations when booting the server, false otherwise
log-read-only If true all operations will be audit logged, if false only operations that change the model will be logged


Btw: log-read-only when is used, increase the overhead considerably, since there are many operations that happen every 15s/20s in EAP.


CLI command for the configuration attributes above:

cli-command#  /core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)

cli-command#  /core-service=management/access=audit/logger=audit-log:write-attribute(name=log-boot,value=true)

cli-command#  /core-service=management/access=audit/logger=audit-log:write-attribute(name=log-read-only,value=true)


I work at Red Hat with EAP.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s