Skip to main content

Auditing

Auditing is done using a capability, as described in Capabilities called Audit. For your convenience, this capability is created and enabled by default.

When enabled, a log file located in $data-dir/log/audit/audit.log will be updated each time a user (or internal processes) modifies the configuration of Nexus Repository, as well as any asset and component additions and removals. Each line of this log contains an unformatted JSON message representing a single audit item. This table has a list of available attributes in these JSON messages:

Attribute

Description

Example

timestamp

The date and time this event occurred

2019-02-04 18:12:07,856-0500

nodeId

The nodeId of the instance (used to correlate audit logs across multiple instances)

5DF0F434-88A6F4B7-AEDCE785-CAD9628C-8AD86154

initiator

The initiator of the event, often a username/host combination, unless an interally generated event

admin/172.16.0.10

domain

Functional area of the system

                           "security.user";
"repository.component";
"repository.asset";
"tasks";
"security.user-role-mapping";
"security.sslcertificate";
"security.role";
"security.realm";
"security.privilege";
"security.ldap";
"security.crowd";
"security.anonymous";
"script";
"repository-view";
"repository-content-selector";
"repository-admin";
"repository";
"replication";
"logging";
"license";
"httpclient";
"email";
"capability";
"blobstore";

type

Action performed in this domain

created

context

Identifying details of the event

mynewusername

thread

Thread name of the event initiator. Thread name can help correlate related log lines from other log files.

quartz-7-thread-1

attributes

Map of key:value pairs that contain more details about the event

{"id":"mynewusername","name":"John Doe","email":"jdoe@emailserver.com","source":"default","status":"active","roles":"nx-admin"}

This log file will rotate daily, and a maximum of 90 days worth of files will be retained.