[jboss-jira] [JBoss JIRA] (WFCORE-4561) [GSS](7.2.z) JMX audit log does not show operation parameters

Ingo Weiss (Jira) issues at jboss.org
Mon Jul 8 10:45:00 EDT 2019


     [ https://issues.jboss.org/browse/WFCORE-4561?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ingo Weiss moved JBEAP-17153 to WFCORE-4561:
--------------------------------------------

              Project: WildFly Core  (was: JBoss Enterprise Application Platform)
                  Key: WFCORE-4561  (was: JBEAP-17153)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: JMX
                       Logging
                           (was: JMX)
                           (was: Logging)
    Affects Version/s: 10.0.0.Beta2
                           (was: 7.1.2.GA)


> [GSS](7.2.z) JMX audit log does not show operation parameters
> -------------------------------------------------------------
>
>                 Key: WFCORE-4561
>                 URL: https://issues.jboss.org/browse/WFCORE-4561
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: JMX, Logging
>    Affects Versions: 10.0.0.Beta2
>         Environment: RHEL 7.6
>            Reporter: Ingo Weiss
>            Assignee: Ingo Weiss
>            Priority: Major
>         Attachments: reproducer.tar.gz
>
>
> JMX audit logs don't actually show all values needed to audit JMX operations.
> Output for EAP's JMX audit logging currently looks like the following:
> {code:json}
> 2019-05-29 16:01:40 - {
>     "type" : "jmx",
>     "r/o" : false,
>     "booting" : false,
>     "version" : "7.1.3.GA",
>     "user" : "jmxuser",
>     "domainUUID" : null,
>     "access" : "JMX",
>     "remote-address" : "localhost/127.0.0.1",
>     "method" : "invoke",
>     "sig" : [
>         "javax.management.ObjectName",
>         "java.lang.String",
>         "[Ljava.lang.Object;",
>         "[Ljava.lang.String;"
>     ],
>     "params" : [
>         "java.util.logging:type=Logging",
>         "getLoggerLevel",
>         "[Ljava.lang.Object;@5755b7fa",
>         "[Ljava.lang.String;@784a9d0d"
>     ]
> }
> {code}
> This result follows the format of the Java interface {{MBeanServerConnection.invoke()}} [1], but does not actually display the values in the "sig" and "params" blocks for the two arrays passed in as parameters ({{[Ljava.lang.Object;}} and {{[Ljava.lang.String;}} are just what {{Object.toString()}} returns for any array of Objects or array of Strings).
> This means that we can gather the name of the MBean and the method of it which has been invoked, but we cannot gather any information on what values were sent to the MBean. Because of this, we cannot determine what change has been attempted. This absence of information is relatively important for what is supposed to be an auditing log.
> Auditing output should contain the actual values of (at least) the Object array so that customers can audit what JMX alterations were attempted.
> [1] https://docs.oracle.com/javase/8/docs/api/javax/management/MBeanServerConnection.html#invoke-javax.management.ObjectName-java.lang.String-java.lang.Object:A-java.lang.String:A-



--
This message was sent by Atlassian Jira
(v7.12.1#712002)
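
Added example (not part of the original report and not WildFly's own code): the `[Ljava.lang.Object;@5755b7fa` entries in the record above are the default `Object.toString()` of an array, and the sketch below shows one way to render the four `invoke()` arguments so that the array contents appear instead. The class and method names (`JmxAuditParams`, `render`, `auditParams`) are hypothetical, and the sample argument values are constructed.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class JmxAuditParams {

    // Render one argument of MBeanServerConnection.invoke() for an audit record.
    // Arrays are expanded to their element values instead of the default
    // Object.toString() form ("[Ljava.lang.Object;@5755b7fa").
    static String render(Object value) {
        if (value == null) {
            return "null";
        }
        if (value.getClass().isArray()) {
            // Wrapping the value lets deepToString handle Object[], nested arrays
            // and primitive arrays (int[], byte[], ...) through one code path.
            String wrapped = Arrays.deepToString(new Object[] { value });
            return wrapped.substring(1, wrapped.length() - 1); // drop the wrapper's brackets
        }
        return String.valueOf(value);
    }

    // Build the "params" list for the four invoke() arguments (hypothetical helper).
    static List<String> auditParams(Object name, String operation,
                                    Object[] params, String[] signature) {
        List<String> out = new ArrayList<>();
        for (Object arg : new Object[] { name, operation, params, signature }) {
            out.add(render(arg));
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample call modelled on the record in the report.
        Object[] params = { "org.example.logger" };
        String[] signature = { "java.lang.String" };

        // What the report shows: array identity strings, no values.
        System.out.println("default : " + String.valueOf((Object) params)
                + ", " + String.valueOf((Object) signature));
        // Expanded form: the operation's actual arguments become visible.
        System.out.println("expanded: " + auditParams(
                "java.util.logging:type=Logging", "getLoggerLevel", params, signature));
    }
}
```

Each element is still rendered with its own `toString()`, so an element type that does not override it prints an identity string of the same kind.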

