It would be nice to know what is in your AuditEvent. I suspect that is where our implementations differ. On Sun, Nov 2, 2008 at 11:42 AM, Anders Hammar <anders@hammar.net> wrote:
Hi,
Attached is a UML class diagram of the basics of the audit logger implementation utilizing Logback. As you can see it's not very complicated. What I have left out is most of the Joran configuration parts (you don't need to use Joran for configuration if you don't want to) and our extension of PatternLayoutBase (which uses a bunch of Converters specific to our case).
Once again, have a look at logback-access for instance and it shouldn't be to hard to figure out.
/Anders
On Fri, Oct 31, 2008 at 1:21 PM, Chad La Joie <chad.lajoie@switch.ch> wrote:
Thanks. We use Logback for a product with modestly large deployment. I have an audit log now but I'm not entirely happy with it. Event-based log entries would be a large step in the right direction.
Anders Hammar wrote:
Hi Chad,
I'm sorry to say no, my customer doesn't share code. Especially not for this component. But due to the good design of logback this was very straight forward. As I said, I used logback-core and implemented a few classes on top of this. I found looking at how things were solved in logback-classic and logback-access very helpful. I ran into a few problems when extending some classes for our specific needs, but I filed jiras regarding that and I believe it has been fixed in 0.9.10/11.
What I could do is sharing some kind of UML class diagram to show the idea. I'll look at that on Monday.
/Anders
On Fri, Oct 31, 2008 at 9:45 AM, Chad La Joie <chad.lajoie@switch.ch> wrote:
Hey Anders,
Do you have any code that you could share that shows how you did the event-based audit logging vs the standard level-based?
Anders Hammar wrote:
I was asked by Ceki to share my successful Logback story with you all.
In a former assignment for one of our customers, we implemented an audit component. The customer is to use this component in their applications to audit end-user activities.
In some earlier application specific audit implementations, log4j had been used. However, log4j (and pretty much all existing application logging frameworks that I looked at) has the notion of logging levels. For auditing (at least in this customer's case) we have actions/events which have no relation between them. So, having levels of debug, info, warn, etc isn't right but we rather have independent events. When I found Logback it was kind of love at first sight, the modular design fitted beautifully with what we wanted and we chose Logback (specifically logback-core) for our actual audit logging. We based this choice on two factors in specific: 1. The possibility of log on actions/events rather than levels (as above described) 2. The possiblity of having several independently configured logback instances. (This is not possible with log4j for instance, and as the customer's app server of choice uses log4j we would need to combine application logging and audit logging configuration - which is not good out of security perspective.)
Also, the extensive documentation made my work easy to recommend the framework. As we all know, good documentation is not always the case in OSS. However, as mentioned on the mailing list earlier, the lack of a 1.0 release could have been a problem. However, Ceki's track record (with log4j) made me feel safe still going with Logback.
As i personally strongly believe in OSS I normally participate and contribute to the community of the libs I use. However, working as a consultant I just can't be involved in everything and tend to only stay active as long as the assignment lasts (there are a few exceptions). Therefore I don't subscribe to this mailing list any longer, but I will monitor this thread so if you have any questions regarding my use case I'll be happy to answer them.
/Anders _______________________________________________ Logback-user mailing list Logback-user@qos.ch http://qos.ch/mailman/listinfo/logback-user -- SWITCH Serving Swiss Universities
Chad La Joie, Software Engineer, Net Services Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch
_______________________________________________ Logback-user mailing list Logback-user@qos.ch http://qos.ch/mailman/listinfo/logback-user
_______________________________________________ Logback-user mailing list Logback-user@qos.ch http://qos.ch/mailman/listinfo/logback-user
-- SWITCH Serving Swiss Universities -------------------------- Chad La Joie, Software Engineer, Net Services Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch
_______________________________________________ Logback-user mailing list Logback-user@qos.ch http://qos.ch/mailman/listinfo/logback-user
_______________________________________________ Logback-user mailing list Logback-user@qos.ch http://qos.ch/mailman/listinfo/logback-user