Trading Networks 10.3 | Administering and Monitoring B2B Transactions | Service Development Help | Subscribing to Events | About Security Events
 
About Security Events
A security event occurs when an administrative or operational security action takes place on Integration Server and that security action is configured for auditing.
Administrative actions refer to configuration changes related to Integration Server security activities. Operational actions refer to successful and unsuccessful login attempts and access to Integration Server services, documents, and portlets.
Administrative security events include:
*Creating, modifying, and deleting packages, folders, and services.
*Creating, deleting, or modifying authentication related information. This includes creating new users, deleting users, changing their security attributes (for example, passwords), setting or modifying the mapping between certificates and users, and so on.
*Creating, deleting, or modifying authorization related information. This includes creating, modifying, and deleting ACLs.
*Creating, deleting, or modifying port settings. This includes defining allowed or denied actions on the port, port modes (allowed or denied by default in Integration Server), and certificate handling.
*Configuring SSL settings in Integration Server.
*Modifying or resetting Outbound Passwords.
Operational security events include:
*Successful logins to the Integration Server.
*Unsuccessful login attempts to the Integration Server. The login attempt failure could be because of incorrect password, disabled account, SSL failure, or expired certificate.
*Successful and unsuccessful accesses to services, files, and packages.
*Modifying existing passwords.
*Modifying messaging settings.
For information on configuring the Security logger, see webMethods Audit Logging Guide.
A service that functions as an event handler for a Security event should use the pub.event:security specification as its service signature. For more information about the pub.event:security service, see the webMethods Integration Server Built-In Services Reference.