Column | Description |
Date/Time | Date and time the audit record was written to the database or file system. |
Audit time stamp | Date and time the entry was written to the log. |
Message | Text that explains the security event that occurred. |
Server ID | Integration Server on which the security event occurred. This is necessary information when Integration Servers are clustered and writing to a shared RDBMS. The ID can be DNSname:port or IPaddress:port. Note: The port is always the Integration Server’s primary port, even if the event occurred on a different (non‑primary) Integration Server port. |
Client ID | Network IP address for the client from which the security event was performed. When watt.server.securityLog.ignoreXForwardedForHeader is set to false, Integration Server obtains the originating client IP address from the X-Forwarded-For request header and uses that client IP address as the Client Id in the security log and security log message. When watt.server.securityLog.ignoreXForwardedForHeader is set to true, Integration Server ignores the X-Forwarded-For request header and uses the IP address of the proxy server as the client Id. When watt.server.securityLog.eg.enableExternalClientIP is set to true, the IP address of the client application that invokes a service in Integration Server through Enterprise Gateway is recorded. Otherwise, the IP address of Enterprise Gateway is recorded. |
User ID | Integration Server user name under which the client connected to perform the security event. When watt.server.securityLog.logAnonymousRequests is set to true, the security logger will write anonymous authentication requests to the security log. In a log entry, the User Id for an anonymous request will be "local/default". |
Security event type | Category for the security event that occurred (authentication, authorization, certificates, configuration, and so on). |
Result | The result of the request for which security action was logged, either SUCCESS or FAILURE. |
Service name | Name of the service that generated the audit event. |
Client application | Client application accessing the server. This could be an OAuth client application. |
Request size | Size of the request in bytes. This is for OAuth events. |
Root Context Parent Context Current Context | Context information Monitor uses to connect related entries from different logs. |