Rhino logs all management operations to two log files in the working directory of each Rhino node (work/logs by default):

  • management.csv, a plain text CSV file

  • encrypted.management.csv, a second, encrypted copy of the logs.

Tip You can use the encrypted version to detect tampering with the plain text copy — decode with the decrypt-management-log script, in the client/bin directory.
Note The management audit logs roll over once they reach 100MB, with an unlimited number of backup files. This logging configuration is currently hard-coded.
Note The format of management audit log can be chosen via system property rhino.audit.log_format. See more detail in system property.

Below are descriptions of:

and two examples:

What’s in the log file?

Rhino management operations logs include the following fields:

Field Description
date

A timestamp in the form 2010-05-11 14:55:33.692.

uniqueID

An identifier used to correlate a set of log lines for a single management operation. All of the log lines from the same operation will have the same uniqueID.

opcode

Uniquely identifies the type of operation.

user

The name of the user invoking the management operation, or unknown1 if there is no authenticated user.

roles

Any roles associated with the user.

access

Identifies whether the operation results in a state change of some sort. May be read or write. 2

client address

The IP address of the client invoking the management operation.

namespace

The namespace where the management operation invoked. Empty if it is the default namespace.

MBean name

ObjectName of the MBean invoked.

operation type

The general type of operation.

operation name

The name of the invoked method or get/set attribute.

arguments

The contents of all arguments passed to the management operation. Byte array arguments display converted to a length and a hash.

duration

How long (in milliseconds) the operation took.

result

Either ok or failed.3 4

failure reason

A text string indicating why an operation failed. (Only present for failed results.) 2

Note All management operations except for AUTHENTICATION type operations come in pairs with the first entry indicating the start of an operation, and the second entry indicating success or failure, as well as how long the operation took. Only the result lines make use of the duration, result, and failure reason fields.
Tip For a list of all operations currently recognised by the auditing subsystem, run the getopcodexml command from the command-line console. It will return the complete XML representation of all known management operations.

1 This usually only happens if unauthenticated access has been enabled in Rhino.
2 By default, users with the view permission may only perform read operations.
3 This field is only set for operation results.
4 A failed management operation is one which did not return successfully.

Operation types

The operation type field may contain one of the following values:

Type Result type Description
AUTHENTICATION

n/a

A successful or failed authentication attempt.

INVOKE
INVOKE (RESULT)

An MBean invoke operation.

GET
GET (RESULT)

An MBean attribute get operation.

SET
SET (RESULT)

An MBean attribute set operation.

GET-ATTRIBUTES
GET-ATTRIBUTES (RESULT)

An MBean bulk-attributes GET operation. Log lines with these markers denote a series of related GET requests.

SET-ATTRIBUTES
SET-ATTRIBUTES (RESULT)

An MBean bulk-attributes SET operation. Log lines with these markers denote a series of related SET requests.

Managing the audit level

The auditing subsystem provides two console commands to manage what gets logged to the management audit log:

getmanagementauditlevel
  Description
    Returns the current level of management operation auditing.
setmanagementauditlevel <none \| writes \| all>
  Description
    Sets the current level of management operation auditing.
Tip Writes is useful, for example, to avoid receiving excessive messages from an automated management client that continually polls Rhino state using JMX.
Note Rhino always logs changes to the audit level (irrespective of the current level).

Example 1: Resource adaptor deployment and activation

The following example shows management logs from deploying a resource adaptor, creating a resource adaptor entity for it, and activating that resource adaptor entity.

Note The log shows the resource adaptor activated twice in a row, the second operation failing (because the RA was already activated) — see the result and failure fields.
date uniqueID opcode user roles access client address MBean name operation type operation name arguments duration result failure reason
2010-06-08 14:22:06.850
101:176452077447:22
admin
192.168.0.7
AUTHENTICATION
ok
2010-06-08 14:22:35.622
101:176452077447:29
19000
admin
admin
write
192.168.0.7
javax.slee.management:
 name=Deployment
INVOKE
install
[file:/home/alex/simple/simple-ra-ha.jar,
[byte array, length=65164,
  md5sum=96322071e6128333bdee3364a224b48c]
2010-06-08 14:22:38.961
101:176452077447:29
19000
admin
admin
write
192.168.0.7
javax.slee.management:
 name=Deployment
INVOKE (RESULT)
install
[file:/home/alex/simple/simple-ra-ha.jar,
[byte array, length=65164,
  md5sum=96322071e6128333bdee3364a224b48c]
]
3339ms
ok
2010-06-08 14:22:53.356
101:176452077447:36
22014
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE
getConfigurationProperties
[ResourceAdaptorID
[name=Simple,vendor=OpenCloud,version=1.0]
]
2010-06-08 14:22:53.359
101:176452077447:36
22014
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE (RESULT)
getConfigurationProperties
[ResourceAdaptorID
[name=Simple,vendor=OpenCloud,version=1.0]
]
3ms
ok
2010-06-08 14:22:53.369
101:176452077447:39
22016
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE
createResourceAdaptorEntity
[ResourceAdaptorID
[name=Simple,vendor=OpenCloud,version=1.0],
 simplera,
[(Host:java.lang.String=localhost),
  (Port:java.lang.Integer=14477),
  (slee-vendor:
    com.opencloud.rhino_replicate_activities:
    java.lang.String=none)
 ]
]
2010-06-08 14:22:53.536
101:176452077447:39
22016
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE (RESULT)
createResourceAdaptorEntity
[ResourceAdaptorID
[name=Simple,vendor=OpenCloud,version=1.0],
 simplera,
[(Host:java.lang.String=localhost),
  (Port:java.lang.Integer=14477),
  (slee-vendor:
    com.opencloud.rhino_replicate_activities:
    java.lang.String=none)
 ]
]
167ms
ok
2010-06-08 14:23:11.987
101:176452077447:47
22004
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE
activateResourceAdaptorEntity
[simplera,[101]]
2010-06-08 14:23:12.029
101:176452077447:47
22004
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE (RESULT)
activateResourceAdaptorEntity
[simplera,[101]]
42ms
ok
2010-06-08 14:23:30.802
101:176452077447:52
22004
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE
activateResourceAdaptorEntity
[simplera,[101]]
2010-06-08 14:23:30.820
101:176452077447:52
22004
admin
admin
write
192.168.0.7
javax.slee.management:
 name=ResourceManagement
INVOKE (RESULT)
activateResourceAdaptorEntity
[simplera,[101]]
18ms
failed
simplera not in INACTIVE state on node(s)[101]

Example 2: Bulk GET operation on Licensing MBean

The example below shows a GET-ATTRIBUTES operation called on the Licensing MBean. It includes queries on four separate attributes: LicenseSummary, LicensedFunctions, LicensedVersions, and Licenses. The result of the bulk-attribute query operation are in the last line.

Note Note that the uniqueID field is the same for all lines representing the GET-ATTRIBUTES operation.
date uniqueID opcode user roles access client address MBean name operation type operation name arguments duration result failure reason
2010-05-28 14:07:11.223
101:175500674962:292
admin
admin
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET-ATTRIBUTES
2010-05-28 14:07:11.223
101:175500674962:292
2008
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET
LicenseSummary
2010-05-28 14:07:11.223
101:175500674962:292
2005
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET
LicensedFunctions
2010-05-28 14:07:11.223
101:175500674962:292
2006
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET
LicensedVersions
2010-05-28 14:07:11.223
101:175500674962:292
2004
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET
Licenses
2010-05-28 14:07:11.226
101:175500674962:292
2008
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET (RESULT)
LicenseSummary
3ms
ok
2010-05-28 14:07:11.226
101:175500674962:292
2005
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET (RESULT)
LicensedFunctions
3ms
ok
2010-05-28 14:07:11.226
101:175500674962:292
2006
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET (RESULT)
LicensedVersions
3ms
ok
2010-05-28 14:07:11.226
101:175500674962:292
2004
admin
admin
read
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET (RESULT)
Licenses
3ms
ok
2010-05-28 14:07:11.226
101:175500674962:292
admin
admin
192.168.0.7
com.opencloud.rhino:
 type=Licensing
GET-ATTRIBUTES (RESULT) 
3ms
ok
Note The durations listed for the individual GET (RESULT) lines correspond to the duration of the entire GET-ATTRIBUTES operation and not the individual GET components. In the example above, the entire GET-ATTRIBUTES operation took 3ms.
Previous page Next page
Rhino Version 2.7.0