AuditLogging
Realm Operations
Resource path:
/realm-config/services/audit
Resource version: 1.0
create
Usage
am> create AuditLogging --realm Realm --body body
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "auditEnabled" : { "title" : "Audit logging", "description" : "Enable audit logging in OpenAM.", "propertyOrder" : 100, "required" : true, "type" : "boolean", "exampleValue" : "" }, "whitelistFieldFilters" : { "title" : "Field whitelist filters", "description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, to record the values of the <code>Accept-Language</code> HTTP header in <em>access</em> events, the pointer is <code>/access/http/request/headers/accept-language</code>.", "propertyOrder" : 200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "blacklistFieldFilters" : { "title" : "Field blacklist filters", "description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, you might want to filter out surnames by hiding the <code>sn</code> field from <em>activity</em> events. To do so, add the following pointers to the Field blacklist filters list: <ul><li><code>/activity/before/sn</code></li><li><code>/activity/after/sn</code></li></ul>", "propertyOrder" : 300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage
am> action AuditLogging --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage
am> action AuditLogging --realm Realm --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage
am> action AuditLogging --realm Realm --actionName nextdescendents
update
Usage
am> update AuditLogging --realm Realm --body body
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "auditEnabled" : { "title" : "Audit logging", "description" : "Enable audit logging in OpenAM.", "propertyOrder" : 100, "required" : true, "type" : "boolean", "exampleValue" : "" }, "whitelistFieldFilters" : { "title" : "Field whitelist filters", "description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, to record the values of the <code>Accept-Language</code> HTTP header in <em>access</em> events, the pointer is <code>/access/http/request/headers/accept-language</code>.", "propertyOrder" : 200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "blacklistFieldFilters" : { "title" : "Field blacklist filters", "description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, you might want to filter out surnames by hiding the <code>sn</code> field from <em>activity</em> events. To do so, add the following pointers to the Field blacklist filters list: <ul><li><code>/activity/before/sn</code></li><li><code>/activity/after/sn</code></li></ul>", "propertyOrder" : 300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }
Global Operations
Resource path:
/global-config/services/audit
Resource version: 1.0
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage
am> action AuditLogging --global --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage
am> action AuditLogging --global --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage
am> action AuditLogging --global --actionName nextdescendents
update
Usage
am> update AuditLogging --global --body body
Parameters
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "blacklistFieldFilters" : { "title" : "Field blacklist filters", "description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, you might want to filter out surnames by hiding the <code>sn</code> field from <em>activity</em> events. To do so, add the following pointers to the Field blacklist filters list: <ul><li><code>/activity/before/sn</code></li><li><code>/activity/after/sn</code></li></ul>", "propertyOrder" : 300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "whitelistFieldFilters" : { "title" : "Field whitelist filters", "description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, to record the values of the <code>Accept-Language</code> HTTP header in <em>access</em> events, the pointer is <code>/access/http/request/headers/accept-language</code>.", "propertyOrder" : 200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "auditEnabled" : { "title" : "Audit logging", "description" : "Enable audit logging in OpenAM.", "propertyOrder" : 100, "required" : true, "type" : "boolean", "exampleValue" : "" }, "defaults" : { "properties" : { "blacklistFieldFilters" : { "title" : "Field blacklist filters", "description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, you might want to filter out surnames by hiding the <code>sn</code> field from <em>activity</em> events. To do so, add the following pointers to the Field blacklist filters list: <ul><li><code>/activity/before/sn</code></li><li><code>/activity/after/sn</code></li></ul>", "propertyOrder" : 300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "whitelistFieldFilters" : { "title" : "Field whitelist filters", "description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. <p> Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of <code>access</code>, <code>activity</code>, <code>authentication</code>, or <code>config</code>.<p> For example, to record the values of the <code>Accept-Language</code> HTTP header in <em>access</em> events, the pointer is <code>/access/http/request/headers/accept-language</code>.", "propertyOrder" : 200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "auditEnabled" : { "title" : "Audit logging", "description" : "Enable audit logging in OpenAM.", "propertyOrder" : 100, "required" : true, "type" : "boolean", "exampleValue" : "" } }, "type" : "object", "title" : "Realm Defaults" } } }