Skip to end of metadata
Go to start of metadata

LAMS has a single audit log JBOSS_HOME/server/default/log/audit<date>.log, stored in .

Certain significant updates are recorded in this log.  For example:

  • New user is added to LAMS - the user's user id and login id are logged.
  • A user modifies their password - the user's login is logged (but not the password!).
  • Staff member editing a learner's entry in the monitoring screen - the old and new entries are logged.
  • Staff member hiding or showing a learner's entry in the monitoring screen - the hidden entry is logged.
    All tools must log editing/hiding/showing entries. If you are in any doubt as to whether something should be logged or not, then check with Ernie or Fiona.

Log Implementation

The log is created using Log4J. It is configured to write out all information level entries (and above) that are generated from the org.lamsfoundation.lams.util.audit package. It uses a DailyRollingFileAppender, with the file rolling over at midnight.

It is implemented in  org.lamsfoundation.lams.util.audit.AuditService, with the interface defined as IAuditService. It is found in lams.jar. This service is made available as the Spring bean "auditService". The audit service makes use of some internationalisation strings (are also stored in lams.jar).

The user creating the entry is recorded automatically - the audit service gets the current user from the shared session object. If the shared session object is missing then the log entry is still created.

Both the user id and the login name are recorded even though the data is redundant. This file will be scanned by a human from time to time, so it will be easier for them to recognise people by their login name. However login names change and user ids do not, so we also record the user id so we can track changes for a user even if the login name changes.

Administration Considerations

There will be one file for each day that there is an entry. The files should never overwrite themselves so it may become necessary to move older audit files to another disk as part of the general system administration.

Audit Log Interface and Creating a Log Entry 

There are four calls available to create an audit log entry:

  1. public void log(String moduleName, String message): Generic call to log a message.
  2. public void logChange(String moduleName, Long originalUserId, String originalUserLogin, String originalText, String newText): Log a change to a piece of data. Designed to be used by tools when a staff member edits a learner's entry.
  3. public void logHideEntry(String moduleName, Long originalUserId, String originalUserLogin, String hiddenItem): Log the details about an item that has been hidden. Designed to be used by tools when a staff member hides a learner's entry.
  4. public void logShowEntry(String moduleName, Long originalUserId, String originalUserLogin, String hiddenItem): Log the details about an item that has been hidden. Designed to be used by tools when a staff member hides a learner's entry.

In general, if an event occurs in only one module (such as creating a user, changing user passwords), then the module should create its own message and call log(String moduleName, String message).

If the even occurs in many modules, such as hiding an item, then we write a helper method in the AuditService. This ensures consistency in the message across modules. 

All messages in the audit log should be internationalised.

The moduleName should be a unique indicator of your module. For a tool, the tool signature is a good choice. For the core modules, it will be the name of the module - "learning", "monitoring", "admin", etc.

To call the auditService, your module should include the audit service as a property in your module's main service bean. Then it is just a matter of calling auditService.log(), auditService.logChange(), auditService.logHideEntry() or auditService.logShowEntry(). If you are calling object.toString() to generate the string the hiddenItem, don't forget to check that the object has a useful toString() method. Just writing out the object's memory address or object id isn't a lot of help.

For example, in the share resources tool:

rsrcApplicationContext.xml
<bean id="resourceManagerTarget" class="org.lamsfoundation.lams.tool.rsrc.service.ResourceServiceImpl">

.......

   <property name="learnerService"><ref bean="learnerService"/></property>
   <property name="auditService"><ref bean="auditService"/></property>
   <property name="messageService"><ref bean="messageService"/></property>
</bean>
ResourceServiceImpl.java
private IAuditService auditService;

public void setAuditService(IAuditService auditService) {
	this.auditService = auditService;
}


public void setItemVisible(Long itemUid, boolean visible) {
	ResourceItem item = resourceItemDao.getByUid(itemUid);
	if ( item \!= null ) {
	    if ( visible ) {
		auditService.logShowEntry(ResourceConstants.TOOL_SIGNATURE, item.getCreateBy().getUserId(),
		    item.getCreateBy().getLoginName(), item.toString());
	    } else {
		auditService.logHideEntry(ResourceConstants.TOOL_SIGNATURE, item.getCreateBy().getUserId(),
			item.getCreateBy().getLoginName(), item.toString());
	    }
	    item.setHide(\!visible);
	    resourceItemDao.saveObject(item);
	}
}

Example Entries

09:50:15,142 [http-0.0.0.0-8080-6:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): laqa11:
Changed text for user test1(5). Old text: Antartica New Text: null
09:50:20,439 [http-0.0.0.0-8080-7:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): laqa11:
Changed text for user test1(5). Old text: Where else but Australia? New Text: Australia?
09:50:37,864 [http-0.0.0.0-8080-4:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): larsrc11:
Hide entry for user test1(5). Entry was org.lamsfoundation.lams.tool.rsrc.model.ResourceItem@19db378[uid=1,
title=Porn Site,description=Check it out!,url=http://something.xxx,initialItem=<null>,url=http://something.xxx,
fileUuid=<null>,fileName=<null>, itemInstructions=[]]
11:45:13,421 [http-0.0.0.0-8080-5:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): lafrum11:
Changed text for user test1(5). Old text: org.lamsfoundation.lams.tool.forum.persistence.Message@17869d9[uid=2,
subject=This is a followup message,body=asfasf sdf afssadf] New Text: org.lamsfoundation.lams.tool.forum.
persistence.Message@17869d9[uid=2,subject=This is a followup message,body=This is some real text.]
11:45:18,438 [http-0.0.0.0-8080-2:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): lafrum11:
Hide entry for user test1(5). Entry was org.lamsfoundation.lams.tool.forum.persistence.Message@1fea0cf[uid=1,
subject=This is an offensive topic,body=I'm putting all sorts<BR>of stuff in here<BR>that you wouldn't<BR>
want other people to <BR>read.]
11:45:20,151 [http-0.0.0.0-8080-2:] INFO  org.lamsfoundation.lams.util.audit.AuditService - mmm(4): lafrum11:
Show entry for user test1(5). Entry was org.lamsfoundation.lams.tool.forum.persistence.Message@105aa49[uid=1,
subject=This is an offensive topic,body=I'm putting all sorts<BR>of stuff in here<BR>that you wouldn't<BR>
want other people to <BR>read.]
  • No labels