Skip to end of metadata
Go to start of metadata

 

Creating a system audit

To add another audit to the system you need to:

  1. Add AuditTypes an appropriate value to the class, e.g. AUDIT_CUSTOM_TEST.
  2. In the AuditCategories class, add the new created audit type in the method that returns the category of this audit.

  3. If the audit is added to the controller/servlet and there is access to the HttpServletRequest object, add a fragment:

    The system will calculate the query execution times itself, pull the logged-in user and IP address.

    We can also use the appropriate methods instead of setting the field with success:

    @RequestMapping( "audit" )
@ResponseStatus( HttpStatus.OK )
public void test( HttpServletRequest request )
{
    // time-consuming operations

    request.setAttribute( "audit", AuditBuilder.getInstance()
        .type( AuditTypes.AUDIT_CUSTOM_TEST )
        .success( true )
        .params( ImmutableMap.of( "param1", "paramValue" ) ) // audit parameters
        .build() );
}
    AuditBuilder.getInstance().type(AuditTypes.AUDIT_CUSTOM_TEST).buildSuccess();
AuditBuilder.getInstance().type(AuditTypes.AUDIT_CUSTOM_TEST).buildFailure();

  4. If the audit is added somewhere other than the controllers/servlets, add a snippet.

    Date started = new Date();

// time-consuming operations

ManualAuditBuilder.getInstance() // ManualAuditBuilder additionally allows you to set the user, audit duration and IP address
    .type( AuditTypes.AUDIT_CUSTOM_TEST )
    .started( started )
    .username( username ) // if there is no access to the request, but the user is known
    .success( true )
    .params( ImmutableMap.of( "param1", "paramValue" ) )
    .build()
    .log();

    You should calculate the audit execution time yourself, set the user and IP address manually (if there is such information).

  • For system translations of the SERVER type, add translation entries for the audit type (key identical to the audit type), and for the parameter name (AUDIT_PARAM_ + parameter name in capital letters). For example:

    messages.properties
    AUDIT_CUSTOM_TEST=Any audit name
AUDIT_PARAM_PARAM1=Any audit parameter name

    In cases where audit parameter values need to be processed before displaying, you should add an appropriate Formatter extending the com.suncode.pwfl.audit.formatter.Formatter class from the plusworkflow-audit module.

    Situations in which you should add your own formatter are:

  • translation of the process/task name

  • getting user's name (instead of login)

  • getting some name that user can define in custom translation files

  • translation of a boolean value

  • translation of some name, e.g. document class index type, permission type, configuration, etc.

The Formatter class already has some methods to translate selected audit parameters.

If we create an audit of the operation, in which some parameters are changed, for example, it is necessary in the audit parameters to show the change of the parameter in the format old_value > new_value. If the values are to be processed in some way, I recommend passing them to the formatter in the form "old_value;new_value", because the methods in the Formatter class have support adapted to values separated by semicolons.

 

Creating an implementation audit

To add an implementation:

  1. If the audit is added to the controller/servlet and there is access to the HttpServletRequest add a fragment:

    @RequestMapping( "audit" )
@ResponseStatus( HttpStatus.OK )
public void test( HttpServletRequest request )
{
    // time-consuming operations

    request.setAttribute( "audit", AuditBuilder.getInstance()
        .type( "AUDIT_CUSTOM_TEST" ) // audit type as plain text
        .success( true )
        .params( ImmutableMap.of( "param1", "paramValue" ) ) // audit parameters
        .build() );
}

    The system will calculate the query execution times itself, pull the logged-in user and IP address.

  2. If the audit is added somewhere other than the controllers/servlets, add a snippet.

    Date started = new Date();

// time-consuming operations

ManualAuditBuilder.getInstance()
    .type( "AUDIT_CUSTOM_TEST" ) // audit type as plain text
    .started( started )
    .username( username ) // if there is no access to the request, but the user is known
    .success( true )
    .params( ImmutableMap.of( "param1", "paramValue" ) )
    .build()
    .log();

    You should calculate the audit execution time yourself, manually set the user and IP address (if there is such information).

  3.  To any registered interpreter with scope SERVER, add translation entries for the audit type (key identical to the audit type), and for the parameter name (AUDIT_PARAM_ + parameter name in capital letters). For example:

    tlumaczenia_wdrozeniowe.properties
    AUDIT_CUSTOM_TEST=Any audit name
AUDIT_PARAM_PARAM1=Any audit parameter name

    Useful links

    Internationalization (I18N)

 

 

 

  • No labels