Using the WS-Auditing Service Policy

Learn about the WS-Auditing Service policy and policy configuration options.

About Policies Managing Policies About Operational Policies

Table of Contents

  1. About the WS-Auditing Service policy
  2. Creating a WS-Auditing Service policy
  3. Configuring a WS-Auditing Service policy
  4. WS-Auditing Service policy options
  5. Viewing the WS-Auditing Service policy
  6. Attaching the policy

About the WS-Auditing Service policy

You can attach the WS-Auditing Service policy to Services, Bindings, Operations, and Access Points.

back to top

Creating a WS-Auditing Service policy

The first step in creating a policy is to define the basic policy information. Then, you can configure the policy details.

To add an operational policy
  1. Go to Workbench > Browse > Organization, and select Policies > Operational Policies. The Policies Summary is displayed.
  2. Click Add Policy.
  3. Choose the policy type and click Next.
  4. Specify a name (required) and description (optional) and click Finish. The Add Policy Wizard creates a draft policy instance that you can then configure on the Policy Details page.

For more information, see Add Policy.

back to top

Configuring a WS-Auditing Service policy

To configure a WS-Auditing Service policy
  1. Go to Workbench > Browse > Organization and select the Policies > Operational Policies folder. The Policies Summary is displayed.
  2. Find the policy on the list and double-click to go to the Details page for the policy.
  3. In the second panel, click Modify to access the Modify WS-Auditing Service Policy page, as shown below.

  4. Specify values. For information about the fields, refer to WS-Auditing Service policy options below.
  5. When done, click Apply.

WS-Auditing Service policy options

Audit Messages
The Audit Messages section includes two main options:
  • Audit All Messages: Enables the auditing of all messages.
  • Filter Messages: Enables the ability to filter messages based on the filter settings. The following options are available when the Filter Messages checkbox is selected:

    Exchanges resulting in an error: Enables the ability to audit only messages with errors.

    Percentage of exchanges: Enables the ability to audit messages a random sample of messages based on a specified percentage. This option includes a text box that allows you to enter an integer percentage between 1 and 99.

    Messages where XPath evaluates to true: Enables the ability to audit messages that satisfy a specified XPath. This option includes a "Namespace Prefixes" table that allows you to enter an XPath expression for filtering messages, defining Prefix and Namespace for each XPath expression. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.

Audit Messages: additional options
The Audit Messages section includes the following additional checkboxes:
  • Audit Input Message: Enables the auditing of input messages.
  • Audit Output Message: Enables the auditing of input messages.
  • Audit Fault Message: Enables the auditing of fault messages.
  • Audit Message Size: Enables the auditing of the size of messages in the exchange.
  • Audit Transport: Enables the auditing of transport information.
  • Audit Contract: Enables the auditing of a contract governing a message.
Audit Identities
Enables the auditing of specified identities included in a request message. The following options are available when the "Audit Identities" checkbox is selected.
  • Consumer: Enables the auditing of a consumer identity sent with a request message.
  • End-User: Enables the auditing of an end-user identity sent with a request message.
  • Additional Subject Categories: Enables auditing of identities associated with specified Subject Categories sent with a request message.
  • Subject Category Table: A text box for entering a Subject Category to add to the Additional Subject Categories list.
Reporting Options
The following reporting options are available:
  • Log: Check the box if the audit information must be logged.
  • Alert: Check the box if the audit information must be delivered in an event.
Phase
A drop-down list box that allows you to select a phase of message processing when auditing shall occur. The following options are available:
  • Application: Option that enable auditing of message content in its application readable format.
  • Wire: Option that enables auditing of message content in its wire format.

back to top

Attaching the policy

To use the policy, go to the Policies folder in the Root Organization and attach the policy to a web service, binding, or binding operation.

Back to top

Viewing the WS-Auditing Service policy

To view the WS-Auditing Service policy details:
  1. Go to Workbench > Browse > Organization, and select Policies > Operational Policies. The Policies Summary is displayed.
  2. Find the policy on the list and double-click to go to the Details page for the policy.

From this page the following options are available:

  • Modify: A link that launches the "Modify WS-Auditing Service Policy" screen.
  • Audit Message Size: Indicates whether size of messages in the exchange should be audited.
  • Messages Filter: A read-only label that indicates the type of filter being applied to messages.
  • Audit Input Message: Indicates whether Input Message content is being audited.
  • Audit Output Message: Indicates whether Output Message content is being audited.
  • Audit Fault Message: Indicates whether Fault Message content is being audited.
  • Audit Contract: Indicates whether the contract governing the message is being audited.
  • Audit Transport: Indicates whether transport headers are being audited.
  • Audited Identities: Indicates whether the identities (by Subject Category) in the message are being audited.
  • Log: Indicates whether audit information is being logged.
  • Alert: Indicates whether audit information is being delivered in an event.
  • Phase: A read-only label that indicates the phase of message processing (Application or Wire) when auditing occurs.

Back to top