Integration Server - Security Log

David_Cruz3 · February 23, 2015, 11:49am

Hi all,

I’m having problems understanding the security log configuration in Integration Server.

I have two Integration Servers running and one has his security log correctly logging authentications, which display authentication messages for a certain resource (success of fail). Here are some examples:

[i]- Successful login to the Integration Server for user smart on port 7100 → ‘ws/crm.customer._pub:customer’ from 212.18.169.163

Successful login to the Integration Server for user ftth on port 7000 → ‘ws/network.model.access.ftth._pub:FTTH2’ from 212.18.169.129[/i]

The other IS only display the failed authentications, like this ones:

[i]- Invalid Access to the Integration Server. Access denied for user dummy2 on port 7400 → ‘ws/people.fieldServiceTeam._pub:fieldService’ from 10.15.216.31

Invalid Access to the Integration Server. Access denied for user mw-it on port 7400 → ‘WmRoot/’ from 10.15.216.31[/i]

The problem is that I can’t find the mismatch between the two configurations, since it’s not under Settings > Logging where it should be.

Tong_Wang · February 23, 2015, 5:17pm

Which version of WM IS are you running?
from 8.0 or even earlier, the setting is under :
Settings > Logging > Security Logger

David_Cruz3 · February 23, 2015, 5:28pm

Sorry I forgot to mention but my two IS versions are 9.5.

As I previously stated the mismatch isn’t under Settings > Logging because all the configuration is the same for both servers, including the Security Loggger.

Mahesh_K_Sreenivas · February 23, 2015, 6:15pm

Compare the fix levels between two IS’s. It might be the reason sometimes.

David_Cruz3 · February 24, 2015, 2:57pm

Thanks M@he$h,

I checked the fixes and they were not the same on both servers. Now I applied the same fix for both IS but my problem persists

Jo_Roels1 · March 4, 2015, 1:55pm

Hey David Cruz,

The only logical explanation for this problem is the following.
When you got to
Settings->Logging–> Security Logger
you can see there one options that would explain your output.
Generate Auditing Data on "Success or Failure "

Can you check this on both servers plz?
And btw if this does not fix your problem, you can still try to change that options,
save your changes, change it back to the right option and save you changes again.

And if that does not work i would recommend to contact software ag.
Can you plz keep me posted?

David_Cruz3 · March 4, 2015, 2:49pm

Thanks for the reply Jo Roels,

The two configurations are the same, which the option “Generate Auditing Data on” is set to “Success or Failure”.

I tried changing it to “Success” but the second IS (the one that isn’t displaying the correct log) still doesn’t log the success messages for the Web Services access’s.

I will contact Software AG and keep you guys posted

Mahesh_K_Sreenivas · March 4, 2015, 3:17pm

I hope SAG will definitely provide you some workaround. Please do share us.

Mahesh_K_Sreenivas · March 4, 2015, 3:18pm

I hope SAG will definitely provide you some workaround. Please do share us.