Team,
I would like to understand the way to capture all the user activities including
I have created user-activity.log with debug mode for following loggers
com.day.cq.security
org.apache.jackrabbit.oak.security
org.apache.jackrabbit.oak.spi.security
org.apache.jackrabbit.core.audit
Is there any other way to get the user activity information ? Thanks for help.
Solved! Go to Solution.
Views
Replies
Total Likes
Technically you could implement a filter which could output to any log you configure it to write to.
package com.project.core.impl.filters; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import org.apache.felix.scr.annotations.sling.SlingFilter; import org.apache.felix.scr.annotations.sling.SlingFilterScope; import org.apache.sling.api.SlingHttpServletRequest; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * Simple servlet filter component that logs incoming requests. */ @SlingFilter(order = -700, scope = SlingFilterScope.REQUEST) public class LoggingFilter implements Filter { private final Logger logger = LoggerFactory.getLogger(LoggingFilter.class); @Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain) throws IOException, ServletException { final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request; logger.debug("request for {}, with selector {}", slingRequest .getRequestPathInfo().getResourcePath(), slingRequest .getRequestPathInfo().getSelectorString()); filterChain.doFilter(request, response); } @Override public void init(FilterConfig filterConfig) {} @Override public void destroy() {} }
With every request, you can check the path, or any other piece of information and output a log entry for tracking activity. For example, if you want to track a login, you could check the path for "j_security_check". Same for logoff (but different path). I would spend some time playing around with these filters to achieve what you would like to happen.
Views
Replies
Total Likes
Well, What about implementing analytics tracking for each user activity. For instance, Using Site catalyst framework, You could track each user activity.
There are also other tools for the monitoring purpose: SITE24*7, "SPLASH" etc.
http://www.splashmonitoring.com/get-started/
--
Jitendra
Views
Replies
Total Likes
Views
Replies
Total Likes
Hi
We can use some external tools to get most of above stated information:-
1. Wireshark is cross platform and the best tool for inspecting network traffic. It is reliable and well tested and lots of documentation on how to use it.
2. Fiddler is specialized in HTTP(S) packet monitoring, manipulation and generation, so it provides such features as requested in the question in an easier way.
You can get logs for all the HTTP requests and according to the request's url path you can classify them. For Example..
Request 1 : abc.com/r1 (page acess)
Request 2 : abc.com/r2?param1=val1¶m2=val2 (login form submersion)
So using the string in URL you can categorize them or classify them.
PS:- This is for out going requests. We can also monitor this for incoming requests.
I hope this would help you.
Thanks and Regards
Kautuk Sahni
Views
Replies
Total Likes
My requirement to limited to only author instance and also it does not about http requests. I have to keep check what are the activities are being done by author (whoever logged into author instance).
Views
Replies
Total Likes
Just wondering, you can implement some analytic or custom analytics only on author instance.
Views
Replies
Total Likes
Technically you could implement a filter which could output to any log you configure it to write to.
package com.project.core.impl.filters; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import org.apache.felix.scr.annotations.sling.SlingFilter; import org.apache.felix.scr.annotations.sling.SlingFilterScope; import org.apache.sling.api.SlingHttpServletRequest; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * Simple servlet filter component that logs incoming requests. */ @SlingFilter(order = -700, scope = SlingFilterScope.REQUEST) public class LoggingFilter implements Filter { private final Logger logger = LoggerFactory.getLogger(LoggingFilter.class); @Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain) throws IOException, ServletException { final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request; logger.debug("request for {}, with selector {}", slingRequest .getRequestPathInfo().getResourcePath(), slingRequest .getRequestPathInfo().getSelectorString()); filterChain.doFilter(request, response); } @Override public void init(FilterConfig filterConfig) {} @Override public void destroy() {} }
With every request, you can check the path, or any other piece of information and output a log entry for tracking activity. For example, if you want to track a login, you could check the path for "j_security_check". Same for logoff (but different path). I would spend some time playing around with these filters to achieve what you would like to happen.
Views
Replies
Total Likes
Hi, I am not able to see the path "j_security_check" or any specific path for login. Could you please help me what path should I chose for login. Thanks.
Views
Replies
Total Likes
Apart from using the analytics for author instance You have two options:
1. Change log level of access and request logs in author and you will be able to get everything in the log file in raw format.
2. implement a custom logger to log everything in your desired format and use that logger to log access and request logs for authorized/not authorized access or request to your instance.
Thanks
Amit
Views
Replies
Total Likes
Thanks Leeasling and Amit. I will try this approach. Already we have error log filter. Let me implement on more filter for user activity.
Views
Replies
Total Likes
leeasling wrote...
Technically you could implement a filter which could output to any log you configure it to write to.
package com.project.core.impl.filters;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.felix.scr.annotations.sling.SlingFilter;
import org.apache.felix.scr.annotations.sling.SlingFilterScope;
import org.apache.sling.api.SlingHttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Simple servlet filter component that logs incoming requests.
*/
@SlingFilter(order = -700, scope = SlingFilterScope.REQUEST)
public class LoggingFilter implements Filter {
private final Logger logger = LoggerFactory.getLogger(LoggingFilter.class);
@Override
public void doFilter(final ServletRequest request, final ServletResponse response,
final FilterChain filterChain) throws IOException, ServletException {
final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request;
logger.debug("request for {}, with selector {}", slingRequest
.getRequestPathInfo().getResourcePath(), slingRequest
.getRequestPathInfo().getSelectorString());
filterChain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void destroy() {}
}
With every request, you can check the path, or any other piece of information and output a log entry for tracking activity. For example, if you want to track a login, you could check the path for "j_security_check". Same for logoff (but different path). I would spend some time playing around with these filters to achieve what you would like to happen.
this works well. Thanks for your report. Also i have added event listener to capture few events for /content , /etc , /libs and /home to track few things.
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies
Views
Likes
Replies