Management Audit Logging Events

Version 1

    Administrative changes to a WildFly Server or Host Controller (HC) process will generate an entry in the management audit log if audit logging is enabled. The relevant events come in two basic categories:

     

    Model Controller Events

     

    The Model Controller is the central execution point for all management changes that affect the server/HC's configuration or its MSC services. All operation execution is audit loggable, although the "log-boot" and "log-read-only" attributes on the core-service=management/access=audit/logger=audit-log management resource allows disabling logging of operations executed during server boot and of operations that only read and do not change state.

     

    In the default WildFly 8 configuration boot operations are logged and read-only operations are not logged.

     

    Server Usage

     

    Core

     

    The following core systems in a Server process call into the server's Model Controller:

     

    • ServerService -- during boot it parses the xml configuration file into a series of management operations and instructs the Model Controller to execute them.
    • ModelControllerClientOperationHandler -- in a standalone server, handles remote management client requests that use our native management protocol. This includes requests coming in via the native-interface as well as those coming in via the http-interface that use HTTP Upgrade to upgrade to the native management protocol. The CLI and the CLI GUI jconsole plugin are examples of such clients, as is the maven-wildfly maven plugin.
    • HttpManagmentService -- handles remote management client requests that use our HTTP management protocol. This includes requests coming in via the http-interface targeted at the management context (e.g. http://localhost:9990/management). JON and the WildFly management console are examples of such clients.
    • TransactionalProtocolOperationHandler -- in a managed domain server, handles remote management requests from the server's Host Controller.
    • HostControllerClient -- in a managed domain server, if the server's connection to its managing Host Controller fails and an attempt to reconnect does not succeed, interacts with the Model Controller to put the server in "restart-required" state.
    • ModelControllerMBeanServerPlugin -- javax.management.MBeanServer implementation used for all requests for the jboss.as and jboss.as.expr JMX domains. The mbeans in this JMX domain act as facades to the WildFly management resources.
    • JSR77ManagementMBeanServer -- javax.management.MBeanServer implementation used for all JSR-77 JMX requests

     

    Subsystems

     

    The following subsystems in WildFly call into the server's Model Controller:

     

    • deployment-scanner -- to check what deployments currently exists and to add/remove/update deployments based on filesystem scans
    • jdr -- to gather system status information for use in diagnostics. Really an EAP feature as the resulting output is provided by users to Red Hat's Global Support Services team.
    • config-admin -- (removed from WildFly; only in EAP 6 as an unsupported Tech Preview feature) maintains a set of OSGi Config Admin service Dictionarys in the server management model
    • osgi -- (removed from WildFly; only in EAP 6 as an unsupported Tech Preview feature) makes a client to the Model Controller available to OSGi bundles

     

    Host Controller Usage

     

    The following systems in a Host Controller call into the process' Model Controller:

     

    • DomainModelControllerService -- during boot it parses the xml configuration file into a series of management operations and instructs the Model Controller to execute them. Also interacts with the Model Controller as part of the process of starting servers.
    • ModelControllerClientOperationHandler -- handles remote management client requests that use our native management protocol. This includes requests coming in via the native-interface as well as those coming in via the http-interface that use HTTP Upgrade to upgrade to the native management protocol. The CLI is an example of such a client.
    • HttpManagmentService -- handles remote management client requests that use our HTTP management protocol. This includes requests coming in via the http-interface targeted at the management context (e.g. http://localhost:9990/management). JON and the WildFly management console are examples of such clients.
    • MasterDomainControllerOperationHandlerService -- runs on the master Host Controller to handle requests from slave Host Controllers.
    • TransactionalProtocolOperationHandler -- in a slave Host Controller, handles remote management requests from the master Host Controller
    • RemoteDomainConnectionService -- in a slave Host Controller interacts with the Model Controller as part of registering the slave with the master Host Controller

     

    Appclient Usage

     

    • ApplicationClientDeploymentService -- Service responsible for deploying the application client that was specified on the command line.

     

    JMX Events

     

    If audit logging of JMX events is enabled in the jmx subsystem, the invocation of the following javax.management.MBeanServer methods will be logged for mbeans not in the jboss.as and jboss.as.expr JMX domains. (For the jboss.as and jboss.as.expr JMX domains see Model Controller Events / Server / Core / ModelControllerMBeanServerPlugin above.)

     

    • addNotificationListener(ObjectName, NotificationListener, NotificationFilter, Object)
    • addNotificationListener(ObjectName, ObjectName, NotificationFilter, Object)
    • createMBean(String, ObjectName)
    • createMBean(String, ObjectName, Object[], String[])
    • createMBean(String, ObjectName, ObjectName)
    • createMBean(String, ObjectName, ObjectName, Object[], String[])
    • deserialize(ObjectName, byte[])
    • deserialize(String, byte[])
    • deserialize(String, ObjectName, byte[])
    • getAttribute(ObjectName, String)
    • getAttributes(ObjectName, String[])
    • getClassLoader(ObjectName)
    • getClassLoaderFor(ObjectName)
    • getClassLoaderRepository()
    • getDefaultDomain()
    • getDomains()
    • getMBeanCount()
    • getMBeanInfo(ObjectName, boolean, boolean)
    • getObjectInstance(ObjectName)
    • instantiate(String)
    • instantiate(String, Object[], String[])
    • instantiate(String, ObjectName)
    • instantiate(String, ObjectName, Object[], String[])
    • invoke(ObjectName, String, Object[], String[])
    • isInstanceOf(ObjectName, String)
    • isRegistered(ObjectName)
    • queryMBeans(ObjectName, QueryExp)
    • queryNames(ObjectName, QueryExp)
    • registerMBean(Object, ObjectName)
    • removeNotificationListener(ObjectName, NotificationListener)
    • removeNotificationListener(ObjectName, NotificationListener, NotificationFilter, Object)
    • removeNotificationListener(ObjectName, ObjectName)
    • removeNotificationListener(ObjectName, ObjectName, NotificationFilter, Object)
    • setAttribute(ObjectName, Attribute)
    • setAttributes(ObjectName, AttributeList)
    • unregisterMBean(ObjectName)