Lawson Security Property, Log, and Audit Files
Logging
You can log security and Single Sign-On information. By default, severe and warning messages for security are logged in the lase.log and lase_serverN.log files. You can log additional information by selecting General, All, or Debug on the Auditing + Logging tab. Logging is performed for the users you select on the Auditing + Logging tab. Single Sign-On logging only occurs if you set up the sso_tracing.properties file.
You can further control logging through the ls_logging.properties file and the SecurityLoggerConfiguration.xml. The ls_logging.properties file enables you to set the logging level for different components of the security system, such as the authentication or authorization components. The SecurityLoggerConfiguration.xml file enables you to set logging and tracing levels for different security packages.
File | Description |
---|---|
lase.log | Contains a record of events (such as startups and shutdowns of the security server) and errors that are triggered by the security C API. |
lase_server_n.log, where n is a number | Contains logging event information, including which properties file was used to control the current logging configuration as well as the detail the ls_logging.properties file indicates should be logged. For more information, see the section "Working with the Lawson Security Server Log File (lase_server_#.log)". |
ls_logging.properties | Logging properties are most commonly configured through the Lawson Security Administrator Auditing + Logging tab, but this properties file is also available. The names of the logging settings in the file are different from those in the Security Administrator. In the file, the available levels of logging are SEVERE, WARNING, INFO, FINER, and FINEST. Changes to ls_logging.properties take effect the next time the security server is stopped and started. For more information, see the section "Working with the Lawson Security Server Log File (lase_server_#.log)". |
sso_tracing.properties | Use to turn single sign-on logging on and off, and to set the types of services that will be traced. The options for services are FSSO, BSSO, API, and SSSO. |
sso_ number .log | Contains logging information related to single sign-on. This file has contents only if you turn on SSO logging through the sso_tracing.properties file. |
SecurityLoggerConfiguration.xml | Use to adjust the log and trace settings, set the name of the log file, and enable or disable logging functions for security logging. |
security.log | Default name for the standard log file for the security server containing security access messages. The contents of this log file are configured through the SecurityLoggerConfiguration.xml file. |
lase_server.log | The lase_server_*_*.log (LSF only) tracks updates to the security server (lase). The contents of this log file are configured through the SecurityLoggerConfiguration.xml file. |
security_authen.log | Use to capture authentication information such as logging in, logging out, session timeouts, cookie information, and LDAP error codes. This log file also logs startup and shutdown activity of LASE. The contents of this log file are configured through the SecurityLoggerConfiguration.xml file. |
security_assertion.log | Use to track security key information used by Direct IOS. |
security_events.log | Use to track information about the security monitoring service, including client-to-server and server-to-client events such as Authentication API calls. |
security_monitoring.log | Use to track information about the security monitoring service, including messages from the background jobs that check usage peaks of user sessions. |
security_persistence.log | Use to track all database-related messages, such as success and failure of executing SQL statements. |
security_search.log | Tracks information about the search function in Infor Security Services. |
lawrm.log | Tracks generic security information related to LDAP. |
security_provisioning.log | Contains all federation- and synchronization-related transactions, including normal security processing of adding new users and synchronizing on federated systems. |
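A lint check for the levels the table lists for ls_logging.properties, as an added example that is not Infor's code. The key names in the sample are hypothetical (the page does not list them), and the exact, upper-case match and the treatment of FINER and FINEST as the most detailed levels are assumptions.

```python
import re

# Levels the documentation lists for ls_logging.properties.
ALLOWED_LEVELS = ("SEVERE", "WARNING", "INFO", "FINER", "FINEST")
# Assumption: the last two are the most detailed and worth a review flag.
DETAILED_LEVELS = ("FINER", "FINEST")

# key = value or key : value, in the usual Java properties style (assumed).
_PAIR = re.compile(r"^([^=:\s]+)\s*[=:]\s*(.*)$")

# Constructed sample; the real key names in ls_logging.properties differ.
SAMPLE = """\
# constructed sample
authentication.level = WARNING
authorization.level=FINEST
persistence.level = DEBUG
malformed line without separator
"""


def lint(text):
    """Return (line_no, key, value, status) for every non-comment line.

    status is "ok", "detailed" (FINER/FINEST), "invalid" (value is not one
    of the documented levels) or "unparsed" (no key/value separator).
    """
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        match = _PAIR.match(line)
        if match is None:
            findings.append((line_no, None, line, "unparsed"))
            continue
        key, value = match.group(1), match.group(2).strip()
        if value not in ALLOWED_LEVELS:
            status = "invalid"
        elif value in DETAILED_LEVELS:
            status = "detailed"
        else:
            status = "ok"
        findings.append((line_no, key, value, status))
    return findings


if __name__ == "__main__":
    for line_no, key, value, status in lint(SAMPLE):
        print(f"line {line_no}: {status:8} {key or '-'} -> {value}")
```

Run the check before restarting the security server, since edits to the file only take effect at the next stop and start.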
Auditing
You set up and turn on auditing through the Auditing + Logging tab. You can audit the following events:
- Administrator Additions (New rules added to the administrative profile by a security administrator as well as added resources by a security or resource administrator)
- Administrator Changes (Changes to the rules in the administrative profile by a security administrator as well as changes to resources by a security or resource administrator)
- Administrator Deletions (Deleted rules in the administrative profile by a security administrator as well as deleted resources by a security or resource administrator)
- Access Denials (Attempts by a user to access a securable object where the user has not been granted access)
- Identity Management (Additions, changes, or deletions to identities)
You can view auditing information through the audit reports or by archiving the audit information and then viewing the *.audit files.
File | Description |
---|---|
*.audit files | Archive files for auditing information. The actual file name is built from the criteria you select when creating the archive. To create an archive, click on the Archive Audit button on the Auditing + Logging tab, then either click the Archive All button or enter criteria and click the Archive Selected button. If you choose to archive all records, the file name will be audit_all.audit. If you choose to archive selected records, the file name will be similar to the following: audit_user1_prior20050405_RUNTIME.audit. |
Additional Properties Files
File | Description |
---|---|
RMApiInit.properties | Contains information about the LDAP server, JNDI, and processing pool initialization parameters. The MaxQueryResults parameter's default setting is 5000. Its value must be greater than or equal to the setting for the Paging Size preference in the Resource Manage Administrator. |
lsservice.properties | Contains information on the security server, including a list of defined server instances, the server host for the security server, the ports used by the security server, and the name of the service representing the server that hosts the security server. This is created during installation and generally should not be edited. |