cancel
Showing results for 
Search instead for 
Did you mean: 

Enable audit log for mimeType

MartinTichovsky
Champ in-the-making
Champ in-the-making

Hello,

i have problem with enabling audit log for specific mimeType. I have enabled audit log in alfresco properties config, everything is loged fine for pdf or others format, but problem is with mimeType "application/octet-stream" where audit for access (or changes) is not logged. How can i enable audit log for this mimeType? Thanks

image

1 ACCEPTED ANSWER

The only way to specify the mimetype in Alfresco Public ReST API is by uploading content and making sure that the file parameter in the reqeuest body already has the proper mimetype specified. Changing just/only the mimetype afterwards / at any time is not a change for which Alfresco provides a direct API - not even when developing in-process extensions in Java.

Looking at the source code of the implementation for the ReST API I can clearly see one hugh reason which might cause the result to not show what one might expect. The whole operation is contingent on the node path, which might be changed by moves / renames, and on any such changes, any previous audit entries will no longer be accessible. This might not affect your particular case right now, but in general, this operation has been recognized as "broken", and there is even an issue to deprecate it. One of our Order of the Bee members, @yreg actually got the ball rolling on this, which is why I remembered the issue as soon as I looked at the code. It obviously is a bit of a disappointment that they have not yet done the simplest thing with regards to deprecating that API or at least listing the issue in the api-explorer documentation in all the time the issue has been open.

View answer in original post

5 REPLIES 5

afaust
Legendary Innovator
Legendary Innovator

I am not sure I understand what you mean.

There is no audit configuration / enablement that would be specific to mimetype. If auditing is enabled, it will work on any node, independent of the mimetype. There are limitations in Alfresco based on user names / filing paths, but these are not enabled by default. Those limitations are that e.g. the "System" user is excluded from auditing and versions / archived items are not audited, only live content.

Thanks for the answer. Ok, than maybe audit log doesn't work properly because i have file as on the picture and it have only one audit log entry. Even if i will change properties as custom user or i will show the document, nothing is logged, but with pdf is everything ok. Have i change mimeType or something? I excpected there are items excluded from audit but now i'm not sure.

The only way to specify the mimetype in Alfresco Public ReST API is by uploading content and making sure that the file parameter in the reqeuest body already has the proper mimetype specified. Changing just/only the mimetype afterwards / at any time is not a change for which Alfresco provides a direct API - not even when developing in-process extensions in Java.

Looking at the source code of the implementation for the ReST API I can clearly see one hugh reason which might cause the result to not show what one might expect. The whole operation is contingent on the node path, which might be changed by moves / renames, and on any such changes, any previous audit entries will no longer be accessible. This might not affect your particular case right now, but in general, this operation has been recognized as "broken", and there is even an issue to deprecate it. One of our Order of the Bee members, @yreg actually got the ball rolling on this, which is why I remembered the issue as soon as I looked at the code. It obviously is a bit of a disappointment that they have not yet done the simplest thing with regards to deprecating that API or at least listing the issue in the api-explorer documentation in all the time the issue has been open.

Kishi1lam
Champ in-the-making
Champ in-the-making

Martin,hello. The first step is to define what to audit. For example, you might audit user logins, server configuration, schema changes and audit data modifications. Next, you have choose which security auditing features to use. Useful features include the following: C2 Auditing. Common Compliance Criteria. Login Auditing.

afaust
Legendary Innovator
Legendary Innovator

Sorry,  @Kishi1lam, but the original question was around accessing audit data via the public ReST API. The entirety of your reply was not related to that. C2 Auditing and Common Compliance Criteria are terms around Microsoft SQL Server, a database which is only supported for Enterprise Editions of Alfresco, and which provides one of the worst performances (at least in my experience) when used as the database of Alfresco.