The logging facility includes loggers for the following
categories of events that are specifically related to the SAS Metadata
Server:
-
-
metadata server and metadata repository
management events
-
-
-
performance-related events
The initial logging configuration is set up to log
these event categories, except for performance-related events, at
the INFO, WARN, ERROR and FATAL levels. The loggers are as follows:
App.Meta
is the parent logger
for metadata server events. Logging levels that are defined for this
logger are inherited by its child loggers (including App.Meta.CM,
App.Meta.IO, and App.Meta.Mgmt) unless they are explicitly overridden.
App.Meta.CM
logs change management
events including check-in and check-out.
App.Meta.IO
logs low-level input
and output activity.
App.Meta.Mgmt
logs metadata server
management activity such as the following:
-
server operation actions such as
pause, resume, and refresh
-
creating and deleting repositories
-
modifying repository access modes
-
repository backup and migration
Audit.Meta.Security
is the parent logger
for metadata server security events. No events are written directly
to this logger. Logging levels that are defined for this logger are
inherited by its child loggers (for example, Audit.Meta.Security.AccCtrlAdm)
unless the levels are explicitly overridden.
Audit.Meta.Security.AccCtrlAdm
logs changes to permissions,
permission settings, and access control templates (ACTs); and changes
to passwords for objects such as tables and connections (including
adding, deleting, and modifying passwords, as well as failed attempts
to perform these actions).
Audit.Meta.Security.GrpAdm
logs changes to group
or role membership (including adding and removing members, and failed
attempts to perform these actions).
Audit.Meta.Security.UserAdm
logs changes to users,
groups, roles, logins, and authentication domains (including adding,
deleting, and modifying these objects, as well as failed attempts
to perform these actions).
Audit.Meta.Updates
(new with SAS 9.3)
is the parent logger for events that are performed on public objects.
The logged events include adding, updating, deleting, checking out,
checking in, and fetching objects, as well as undoing checkouts.
Audit.Meta.Updates.PublicObjects
logs events about public objects in foundation and custom repositories.
Audit.Meta.Updates.Project and Audit.Meta.Updates.Project.PublicObjects
log information about public objects in project repositories.
Perf.Meta
logs performance-related
events. This information previously was available through the OMA_ARM
subsystem.
The following are examples
of security auditing messages.
2008-07-22T14:22:14,222 INFO [00222108] 2504:User123@saspw - Added
IdentityType=Person Name=Test User, ObjId=A5LL3EE0.AN00000D.
2008-07-22T14:22:14,222 INFO [00222108] 2504:User123@saspw - Added Member
IdentityType=Person Name=Test User, ObjId=A5LL3EE0.AN00000D to IdentityGroup
Name=BI Dashboard Users, ObjId=A5LL3EE0.A300000O.
2008-07-22T14:22:14,222 INFO [00222108] 2504:User123@saspw - Added Login with
UserId=Test User, ObjId=A5LL3EE0.AQ00000F, AuthDomain=DefaultAuth to
IdentityType=Person Name=Test User, ObjId=A5LL3EE0.AN00000D.
These messages record
the addition of a new user identity (Test User), the addition of the
user to the BI Dashboard Users group, and the creation of a login
for the user. Each message includes:
-
-
-
the thread identifier (in brackets)
-
-
the user identity that is associated
with the current thread or task
-
the generated message, preceded
by a hyphen