Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Permission Audit Entries for Alfresco SDK community version 7.0.0

rkhot
Champ in-the-making
Champ in-the-making

‎08-17-2021 03:30 AM

Hi Alfresco Team,

We are using SDK Community - 7.0.0 version of Alfresco.

We are trying to retrieve the Permission Audit Entries.
For this, we modified alfresco-global.properties as follows :

audit.enabled=true
audit.alfresco-access.enabled=true
audit.cmischangelog.enabled=true
audit.filter.alfresco-access.default.enabled=true
audit.tagging.enabled=true
audit.alfresco-access.sub-events.enabled=true
audit.dod5015.enabled=true
audit.config.strict=false
audit.filter.alfresco-access.transaction.user=~System;~null;.*
audit.filter.alfresco-access.transaction.type=cm:content;cm:folder;st:site<br>
audit.filter.alfresco-access.transaction.path=~/sys:archivedItem;~/ver:;.*
audit.filter.alfresco-access.default.path=/app:company_home/st:sites.*

Still, we are not able to fetch Permission Audit Entries like Modifying the Permissions for a file or folder entities.

Please advise if above settings need any changes.

Also let us know if there is any other way to enable auditing of Permissions apart from settings in alfresco-global.properties

Thanks for your cooperation.

Regards
Rahul Khot

Labels:
0 Kudos
3 REPLIES 3

cristinamr
World-Class Innovator
World-Class Innovator

‎08-17-2021 04:45 AM

Good morning.

Could you please attach your log?

In alfresco.docs you have in detail how to enable the debug for your audit config:

Log4J configuration

Log4J settings can be added in a file tomcat/shared/classes/alfresco/extension/audit-log4j.properties (you could copy ./tomcat/shared/classes/alfresco/extension/custom-log4j.properties.sample and remove the .sample, or create the file from scratch).

To see what information is available to audit, enable the following logging:

log4j.logger.org.alfresco.repo.audit.inbound=DEBUG

This would generate logging (in alfresco.log) such as:

15:55:26,590 User:admin DEBUG [repo.audit.inbound]
Inbound audit values:
    /alfresco-node/beforeDeleteNode/node=workspace://SpacesStore/c4728f24-4a11-40f7-9062-315edf959d79
15:55:26,748 User:admin DEBUG [repo.audit.inbound]
Inbound audit values:
    /alfresco-api/post/NodeService/deleteNode/no-error=null
    /alfresco-api/post/NodeService/deleteNode/args/nodeRef=workspace://SpacesStore/c4728f24-4a11-40f7-9062-315edf959d79

Enable it, reproduce the problem and share with us your logs.

Cheers,

Cristina.

--
VenziaIT: helping companies since 2005! Our ECM products: AQuA & Seidoc
0 Kudos

afaust
Legendary Innovator
Legendary Innovator
In response to cristinamr

‎08-17-2021 06:46 AM

In addtition to what @cristinamr wrote, please also tell us "how" you are trying to retrieve the permission audit entries, i.e. what API calls you are using and with what parameters.

0 Kudos

rkhot
Champ in-the-making
Champ in-the-making
In response to afaust

‎08-18-2021 03:12 AM

Hi @afaust , @cristinamr ,

We are trying to fetch the Audit Entries for Change in Permissions using following API :

https://api-explorer.alfresco.com/api-explorer/#/audit/listAuditEntriesForAuditApp

Example Scenario ==> If we change the permissions of a file or folder and call the API, we do not get any Audit Entries for Permission Changes

Please let us know if we are using the right API

Regards,

Rahul Khot

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2025 Khoros, LLC