Integration Server 10.5 | Audit Logging Guide | Viewing Audit Log Data | View the Audit Logs in Integration Server Administrator | View the Security Log
 
View the Security Log
In Integration Server Administrator, go to the Logs > Security page to view the security log.
The following table describes the fields in a security log.
Column
Description
Time Stamp
Date and time the entry was written to the log.
Message
Text that explains the security event that occurred.
Server Id
Integration Server on which the security event occurred. This is necessary information when Integration Servers are clustered and writing to a shared RDBMS. The ID can be DNSname:port or IPaddress:port.
Note:
The port is always the Integration Server’s primary port, even if the event occurred on a different (non‑primary) Integration Server port.
Client Id
Network IP address for the client from which the security event was performed.
When watt.server.securityLog.ignoreXForwardedForHeader is set to false, Integration Server obtains the originating client IP address from the X-Forwarded-For request header and uses that client IP address as the Client Id in the security log and security log message. When watt.server.securityLog.ignoreXForwardedForHeader is set to true, Integration Server ignores the X-Forwarded-For request header and uses the IP address of the proxy server as the client Id.
When watt.server.securityLog.eg.enableExternalClientIP is set to true, the IP address of the client application that invokes a service in Integration Server through Enterprise Gateway is recorded. Otherwise, the IP address of Enterprise Gateway is recorded.
User Id
Integration Server user name under which the client connected to perform the security event.
Security Event Type
Category for the security event that occurred (authentication, authorization, certificates, configuration, and so on).