Magnolia 6.1 reached end of life on March 31, 2021. This branch is no longer supported, see End-of-life policy.
Audit trail allows an administrator to record of user activity in the system. An audit trail typically captures the "who, what, when and where". The default implementation is based on Log4j 2 and the files used for logging can therefore be configured in any way you like. Magnolia also provides a Log Viewer tool, located in the Tools menu, to visualize these and other log files.
This feature is configured in two places, log4j2.xml
file and in auditLogging
configuration.
Here you define the loggers to be used by the audit logging. Here is an example extracted from the application log4j2.xml
:
<RollingFile name="sync-log-audit" fileName="${magnolia.logs.dir}/magnolia-audit.log" filePattern="${magnolia.logs.dir}/magnolia-audit-%i.log" append="true"> <PatternLayout pattern="%d{dd.MM.yyyy HH:mm:ss}%m%n"/> <Policies> <SizeBasedTriggeringPolicy size="1MB"/> </Policies> <DefaultRolloverStrategy max="5"/> </RollingFile> <Async name="log-audit"> <AppenderRef ref="sync-log-audit"/> </Async>
Define the actions you want to log in auditLogging
configuration. You can enable the preconfigured actions and define which logger they should use. Define separators for each action or use the default separator (comma) for all of them.
Node name | Value |
---|---|
server | |
auditLogging | |
logConfigurations | |
deactivate | |
activate | |
active | false |
logName | log-audit |
copy | |
login | |
logout | |
move | |
modify | |
create | |
delete | |
class | info.magnolia.audit.AuditLoggingManager |
defaultSeparator | , |
Below is an extract of the output of the logs. General pattern is "when, what, who and where".
20.10.2008 11:59:33 , create , superuser , website , /untitled4
move
and copy
actions log the source node path and the destination node path.
login
action logs the IP address and the result.
21.10.2008 12:21:59, logout, anonymous 21.10.2008 12:22:05, login, superuser, 127.0.0.1, Success