Network Deployment (Distributed operating systems), v8.0 > Reference > Sets


Context object fields

Each auditable event has an associated set of information that is available for logging. This information is grouped into specific context objects. The context objects that are available for logging a specific event are specified by the event type. This topic details the information that exists for each context object and specifies whether the information is logged by default or is only logged when the verbose logging option is enabled.


The SessionContextObj object

SessionContextObj fields. This table lists the SessionContextObj fields.

Field Type Description Default or Verbose logging
sessionId String An identifier for the user session Default
remoteAddr String The IP address for the remote host Default
remotePort String The port of the remote host Default
remoteHost String The host name of the remote host Default


The PropagationContextObj object

PropagationContextObj fields. This table lists the PropagationContextObj fields.

Field Type Description Default or Verbose logging
firstCaller String The identity of the first user in the caller list Default
callerList String array A list of names representing the identities of the users Verbose


The RegistryContextObj object

RegistryContextObj fields. This table lists the RegistryContextObj fields.

Field Type Description Default or Verbose logging
type String The type of user registry being used, such as LDAP or AIX Default


The ProcessContextObj object

ProcessContextObj fields. This table lists the ProcessContextObj fields.

Field Type Description Default or Verbose logging
domain String The domain to which the user belongs Verbose
realm String The registry partition to which the user belongs Default


The EventContextObj object

EventContextObj fields. This table lists the EventContextObj fields.

Field Type Description Default or Verbose logging
lastEventTrailId String The last ID associated with a given transaction Verbose
eventTrailId String array An array of IDs that allow events that belong to a given transaction to be correlated Default
creationTime Date The date an event was created Default
globalInstanceId Long The unique identifier of this event Default


The DelegationContextObj object

DelegationContextObj fields. This table lists the DelegationContextObj fields.

Field Type Description Default or Verbose logging
delegationType String no delegation, simple delegation, method delegation or switch user delegation Default
roleName String The Run as role being used: runAsClient, runAsSpecified, runAsSystem, own ID Default
identityName String Information about the mapped user Default


The AuthnContextObj object

AuthnContextObj fields. This table lists the AuthnContextObj fields.

Field Type Description Default or Verbose logging
authnType String The type of authentication used Default


The ProviderContextObj object

ProviderContextObj fields. This table lists the ProviderContextObj fields.

Field Type Description Default or Verbose logging
provider String The provider of the authentication or authorization service Default
providerStatus String Status of whether the authentication or authorization event processed successfully by the provider Default


The AuthnMappingContextObj object

AuthnMappingContextObj fields. This table lists the AuthnMappingContextObj fields.

Field Type Description Default or Verbose logging
mappedSecurityDomain String The security domain after mapping has occurred Default
mappedRealm String The realm after mapping has occurred Default
mappedUserName String The user name after mapping has occurred Default


The AuthnTermContextObj object

Table 10. AuthnTermContextObj fields. This table lists the AuthnTermContextObj fields.

Field Type Description Default or Verbose logging
terminateReason String The reason authentication ended Default


The AccessContextObj object

Table 11. AccessContextObj fields. This table lists the AccessContextObj fields.

Field Type Description Default or Verbose logging
progName String The name of the program that was involved in the event Default
action String The action being performed. Default
registryUserName String The name of the user in the registry Default
appUserName String The name of the user within an application Default
accessDecision String The decision of the authorization call Default
resourceName String The name of the resource in the context of the application Default
resourceType String The type of resource Default
resourceUniqueId Long The unique identifier of the resource Default
permissionsChecked String array The permissions that were checked during the authorization call Default
permissionsGranted String array The permissions that were granted during the authorization call Default
rolesChecked String array The roles that were checked during the authorization call Default
rolesGranted String array The roles that were granted during the authorization call Default


The PolicyContextObj object

Table 12. PolicyContextObj fields. This table lists the PolicyContextObj fields.

Field Type Description Default or Verbose logging
policyName String The name of the policy Default
policyType String The type of policy Default


The KeyContextObj object

Table 13. KeyContextObj fields. This table lists the KeyContextObj fields.

Field Type Description Default or Verbose logging
keyLabel String The key or certificate label Default
keyLocation String The physical location of the key database Default
certLifetime Date The date when a certificate expires Default


The CipherContextObj object

Table 14. CipherContextObj fields. This table lists the CipherContextObj fields.

Field Type Description Default or Verbose logging
cipherData Byte array The cipher data that is captured Verbose


The MgmtContextObj object

Table 15. MgmtContextObj fields. This table lists the MgmtContextObj fields.

Field Type Description Default or Verbose logging
mgmtType String The type of management operation Default
mgmtCommand String The application-specific command that was performed Default
targetInfoAttributes Target Atrribute array Information about one or more secondary objects involved in this operation Verbose


The ResponseContextObj object

Table 16. ResponseContextObj fields. This table lists the ResponseContextObj fields.

Field Type Description Default or Verbose logging
url String The URL of the HTTP request Default
//publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ RequestHeaders Attributes array The HTTP request headers provided by the client Verbose
//publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ ResponseHeaders Attributes array The HTTP response headers returned by the server Verbose


The CustomPropertyContextObj object

Table 17. CustomPropertyContextObj fields. This table lists the CustomPropertyContextObj fields.

Field Type Description Default or Verbose logging
key String The label representing the custom property key name Verbose
value Object The object value of the custom property Verbose

Auditing the security infrastructure
Create security auditing event type filters


Related


Context objects for security auditing

+

Search Tips   |   Advanced Search