Downloading auditing data

Audit activity is captured by the WebSphere® DataPower® XC10 Appliance. User activity for a set of auditable objects is preserved to ensure that adequate audit coverage is available.

About this task

The audit data that captures user activity for specific auditable objects is stored on the appliance. See the following table for information about the auditable objects included in your audit data.
Table 1. Auditable objects
Objects Add/Create Delete Update Other
Assimilation Y Y N/A  
Group Y Y Y  
Session N/A N/A N/A Time out, log in
User Y Y Y  
Zone Y Y Y  
Zone activation Y Y Y  
Data integrity is of crucial importance for adequate auditing procedures. To ensure data integrity, audit data must be retrieved from the appliance when it is needed. After you have downloaded the audit data, you are responsible for using your own methods to ensure the data integrity. Use the following steps to retrieve your audit data from the appliance.

Procedure

  1. Open the Auditing section in the user interface. Click Applicance > Troubleshooting. Expand the Auditing section. By expanding the Auditing section, you have access to the audit data that is available for your appliance.
  2. Download the audit data. You can either download all the data, or a filtered version of the data.
    • Download all data

      Click Download all data to download the audit.zip file. The audit.zip file contains all the data that is currently available on the appliance. If you are looking for the audit data in a comma-separated value (CSV) format or only a subset of the available audit data, then you can adjust the date range and download the filtered data.

    • Download filtered data

      Adjust the date range and set the time zone settings. The date range and time zone settings are used to generate the filtered data. These settings are only applicable to the filtered data and are not applicable when downloading all data. The default value for the time zone setting is the time zone associated with the appliance. The default date range is to include data from the last 30 days. By adjusting the time zone and the date range, you specify the audit events that are included.

      Click Download filtered data to download the CSV formatted audit data from the date range specified. The audit.csv file is a comma-separated value formatted file that can be downloaded to the file system. You can import the CSV formatted data into vendor software for additional formatting and viewing.