Audit FrameWork in Liferay 6.1

Audit FrameWork in Liferay 6.1

What is the Use of Audit Framework???

We'lll start with a short Story here :

You've just finished lunch and are ready to get back to work. You have a site in Liferay you use to manage your project, and before you left, you were about to create a folder in your Documents and Media library for sharing some requirements documentation. Sitting down at your desk, you navigate to the repository and attempt to create the folder.

Surprisingly, Liferay tells you that..You do not have the required permissions.

What do you do now????................

In the morning..You had the permissions..But now you dont....!!!!!

This is where Audit Framework helps you. It tells you all the events that have occurred in your portal. So that, you can exactly get to the root of the cause.

Installing and configuring the audit plugins

Liferay's audit functionality is composed of two parts: a back-end piece that hooks into Liferay events, and a front-end piece that gives you an interface to see what's happening. Both of these are available as EE-only plugins in the Customer Portal or Liferay Marketplace, and you'll need to install both in order to get audit functionality working .

Once installed, there are two properties in your portal-ext.properties file which you can use to tweak the settings.

com.liferay.portal.servlet.filters.audit.AuditFilter: By default, this is set to false, because the audit plugins aren't installed by default. When you set it to true, the audit hook is able to capture more information about events, such as the client host and the client's IP address.

audit.message.com.liferay.portal.model.Layout.VIEW: In the code, pages are layouts. Setting this to true, therefore, records audit events for page views. It's turned off by default because this may be too fine-grained for most installations.

Once you've decided if you're going to use one or both of the two settings above, place them in your portal-ext.properties file and restart your Liferay server. Once it comes up, audit events are captured by Liferay, and you'll be able to use them to see what's happening in your portal.

Using audit events

Now that you're capturing audit events, it's easy to use them to view activities in your portal. Navigate to the control panel and you'll find a new entry in the Portal section labeled Audit Reports.

Control Panel view -  Audit reports

User Activities tracked by Audit Framework

Viewing audit reports

Finding what you want in a big list of events is, to use the expression, like searching for a needle in a haystack. This is why the audit portlet gives you a robust searching mechanism. By default, it looks pretty simple: there's only a single field for searching. Clicking the advanced link, however, reveals a search dialog broken out by various fields you can use in your search.
Let's look at the options we have for search.
Match: You can match all fields you've specified or any single field.
User ID: Specify the user ID you'd like to search for. This would be the user that performed some action in the portal that you'd like to audit.
User Name: Specify the user name you'd like to search for. This is often easier than searching for a user ID, especially if you don't have access to the Liferay database to find the user ID.
Resource ID: Specify the ID of the resource that was modified or viewed in this audit record.
Resource Name: Specify the name of the resource that was modified or viewed in this audit record. For example, you could search for User resources to see if someone modified a user's account.
Resource Action: Specify an action that was performed on the resource. This could be any one of the following: add, assign, delete, impersonate, login, login_failure, logout, unassign, or update.
Session ID: Specify the session ID to search for. You'd use this if you were correlating a session ID from your web server logs with activity in Liferay.
Client IP: Specify the IP address of the client that performed the activity you wish to audit.
Client Host: Specify the host name of the client that performed the activity you wish to audit.
Server Name: Specify the server name upon which the activity occurred. If you're using a cluster, each member of the cluster can be individually queried.
Server Port: Specify the server port upon which the activity occurred. You'd need this if you run a "vertical" cluster of multiple VMs on the same machine.
Start Date: Specify the low end of the date range you wish to search.
End Date: Specify the high end of the date range you wish to search.
Using this form, if you wanted to check to see if someone in the portal unassigned a user from a particular role, you might search for a resource name of user and a resource action of unassign. The results of such a search might look something like the figure below :

Advance Search – Audit Framework

As you can see, Liferay's audit portlets give you a lot of power to see what's happening in your portal. You can use this information to troubleshoot problems, determine ownership of particular actions etc.