Date and time the audit record was written to the database or file system.

Date and time the entry was written to the log.

Text that explains the security event that occurred.

Integration Server on which the security event occurred. This is necessary information when Integration Servers are clustered and writing to a shared RDBMS. The ID can be DNSname:port or IPaddress:port.

Network IP address for the client from which the security event was performed.

When watt.server.securityLog.ignoreXForwardedForHeader is set to false, Integration Server obtains the originating client IP address from the X-Forwarded-For request header and uses that client IP address as the Client Id in the security log and security log message. When watt.server.securityLog.ignoreXForwardedForHeader is set to true, Integration Server ignores the X-Forwarded-For request header and uses the IP address of the proxy server as the client Id.

When watt.server.securityLog.eg.enableExternalClientIP is set to true, the IP address of the client application that invokes a service in Integration Server through Enterprise Gateway is recorded. Otherwise, the IP address of Enterprise Gateway is recorded.

Integration Server user name under which the client connected to perform the security event.

When watt.server.securityLog.logAnonymousRequests is set to true, the security logger will write anonymous authentication requests to the security log. In a log entry, the User Id for an anonymous request will be "local/default".

Category for the security event that occurred (authentication, authorization, certificates, configuration, and so on).

The result of the request for which security action was logged, either SUCCESS or FAILURE.

Name of the service that generated the audit event.

Client application accessing the server. This could be an OAuth client application.

Size of the request in bytes. This is for OAuth events.

Context information Monitor uses to connect related entries from different logs.