How to check audit status

You can check the status of auditing conveniently from the command line by using a tool such as curl to access the Audit Control web script.

Curl options used:

Use man curl for further information.

To check the global status of auditing issue a command such as:

curl -u admin:password "http://localhost:8080/alfresco/service/api/audit/control"      

This invokes the web script with a GET request. This will result in a JSON response such as the following if auditing is currently enabled:

{
   "enabled" : true,
   "applications": 
   [
      {
         "name": "SkyVault Tagging Service",
         "path" : "/tagging",
         "enabled" : true
      }
         ,
      {
         "name": "alfresco-access",
         "path" : "/alfresco-access",
         "enabled" : true
      }
         
   ]
}
    

While this does return the global status of the auditing framework, audit data will only be generated if audit.alfresco-access.enabled is enabled.

If auditing is currently disabled the response will be:

{
   "enabled" : false
}  

In this case no audit data will be generated as the audit framework is disabled.

Auditing can also be globally enabled or disabled using the control web script. To do this a POST request is sent to the web script. For example, using curl, auditing can be enabled using the following command:

curl -u admin:password -d "" "http://localhost:8080/alfresco/service/api/audit/control?enable=true"

This results in the following response:

{
   "enabled" : true
}  

To disable auditing issue the following command:

curl -u admin:password -d "" "http://localhost:8080/alfresco/service/api/audit/control?enable=false"

This results in the following response:

{
   "enabled" : false
}  

While the global status of the auditing framework can be switched on and off in this manner, audit data will only be generated if audit.alfresco-access.enabled is enabled in the global properties file.