Audit Logging deprecated

How it works

Starting with v7.8.2 the Open-Xchange Server provides a special SLF4J logger named com.openexchange.log.audit.AuditLogService that currently tracks the following events

  • Login to Open-Xchange Server
  • Logout from Open-Xchange Server
  • Connect to internal/external IMAP
  • Connect to internal/external SMTP
  • Connect to internal/external POP3

That special SLF4J logger can be operated in two different modes:

  1. Standard mode
  2. Dedicated mode

Standard mode

In standard mode the logger uses the regular Open-Xchange Server logback configuration. Then the logger outputs its log messages in the same way and to the same location as configured for Open-Xchange Server through logback.xml configuration file.

Dedicated mode

In dedicated mode the logger uses its own file logging. Then the logger writes its messages to dedicated rotating files using its own layout pattern.

Installation

This feature is included in open-xchange-core package. Thus, no additional packages are required being installed.

Configuration

An administrator is able to configure this feature through /opt/open-xchange/etc/slf4j-auditlog.properties file. The options are reloadable at any time.

Enabling

The feature is enabled via com.openexchange.log.audit.slf4j.enabled property, which defaults to false. If set to truethe property com.openexchange.log.audit.slf4j.level defines what log level to choose when outputting log messages (default is info).

Message layout

This section describes all properties that influence how a log message looks like

   ox.login|login=thorben|ip=::1|timestamp=2016-06-10T10:31:10Z
   ox.login|thorben|::1|2016-06-10T10:31:10Z

Message destination

The special property com.openexchange.log.audit.slf4j.file.location defines whether the logger uses its own file logging and layout or if standard log configuration is used.

If no value is specified for that property standard logging is performed.

Dedicate log files

If set to a non-empty file location/pattern, dedicated log files are created. Example com.openexchange.log.audit.slf4j.file.location=/var/log/open-xchange/slf4j-auditlog.log yields log files:

  • /var/log/open-xchange/slf4j-auditlog.log
  • /var/log/open-xchange/slf4j-auditlog.log.1
  • /var/log/open-xchange/slf4j-auditlog.log.2
  • ...
  • /var/log/open-xchange/slf4j-auditlog.log.N

These properties defines how many files are created, what its max. size is and what layout pattern is used for a log line: