9. Encrypting the Security Audit Log    1 9.a Configuring Keystore and certificate required for encryption    2 9.b Audit record encryption configuration    7 9. Encrypting the Security Audit Log The Audit log can be encrypted to make the information unavailable for intruders. Configuration is a two step process. The keystore is to be configured with a digital certificate in.. read more →

8. Signing your security audit records    1 8. Signing your security audit records Audit log can be digitally signed to make it tamper-proof. When the log is digitally signed, it is also Base-64 encoded which makes it impossible to read through a text editor without decoding it back. So the only way to read a digitally-signed.. read more →

7. Creating an event filter    1 7a. Configuring Audit Service Provider    5 7b. Configuring Audit Event Factory    8 7. Creating an event filter Now open WebSphere Administrative console as “security_auditor”, the user who plays Auditor administrative role to create a new Event Type filter. An Event Type filter represents a type of security event, and when added to.. read more →

6. Generate a HTML report using binaryAuditLogReader    1 6. Generate a HTML report using binaryAuditLogReader steve@steve-H67N-USB3-B3:/opt/IBM/WebSphere/AppServer/profiles/apprv01/bin$ sudo ./wsadmin.sh -lang jython -username security_auditor -password websphere [sudo] password for steve: WASX7209I: Connected to process “server1″ on node node01 using SOAP connector; The type of process is: UnManagedProcess WASX7031I: For help, enter: “print Help.help()” wsadmin>AdminTask.binaryAuditLogReader(‘-interactive’) Binary Audit Log Reader.. read more →

5. Verifying generation of audit messages    1 5. Verifying generation of audit messages Restart Server The audit log can be viewed through a text editor. Go to <profile_root>/logs/<server_name> directory and open the file with the name BinaryAudit_<cell_name>_<node_name>_<server_name>.log Note: Every event starts with a sequence number. The event type is displayed next. The fields are separated by.. read more →

4. Configure Audit Monitor    1 4. Configure Audit Monitor Audit Monitor has to be configured next, which sends out notification if the security auditing subsystem fails. Click Security auditing under Security from the left navigation pane Click Audit monitor Link under Related Items in the content pane Click New button Enter a name to the notification.. read more →

3. Map User to Auditor Role    1 3. Map User to Auditor Role Now the user needs to be mapped to Auditor role, so that the user can login to WebSphere administrative console and configure security auditing. Now click on Administrative user roles link on the left navigation pane Click on the Add button Select the.. read more →

2. Create an User    1 2. Create an User WebSphere Application server supports role based access control to various features. Security Auditing is one such feature which can be configured by a user mapped to Auditor role. This role was introduced in WebSphere Application Server Version 7.0. Search and confirm that a user with the same.. read more →

1. ENABLE ADMINISTRATIVE SECURITY FOR THE PROFILE    2 2. CREATE AN USER    3 3. MAP USER TO AUDITOR ROLE    5 4. CONFIGURE AUDIT MONITOR    8 5. VERIFYING GENERATION OF AUDIT MESSAGES    12 6. GENERATE A HTML REPORT USING BINARYAUDITLOGREADER    14 7. CREATING AN EVENT FILTER    16 7A. CONFIGURING AUDIT SERVICE PROVIDER    20 7B. CONFIGURING AUDIT EVENT FACTORY    23 8. SIGNING YOUR SECURITY AUDIT RECORDS    28.. read more →

This diagram is simplified, but does show the most common points found in the relevant security tiers. Look out for more information on this topic over the coming months as I prepare the final content for the Oracle WLS and IBM WAS training courses. I will be providing WebSphere Network Deployment version 8 training courses.. read more →