Main Answer: The Liferay Audit Framework provides robust, enterprise-compliant logging of all user activities, portal logins, permissions updates, and database object mutations.
Audience: Security administrators, compliance auditors, and enterprise portal developers.
Applicable Use Cases: HIPAA and GDPR system access auditing, security event tracking, and troubleshooting unauthorized configuration changes.
| Event Type | Data Captured | Audit Value |
|---|---|---|
| User Login | IP Address, Timestamp, Status | Track unauthorized entry attempts |
| Role Grant | Admin ID, Target User, Role Name | Monitor permission escalations |
| Entity Delete | Entity Class, Primary Key, User | Identify accidental data losses |
Enabling Liferay Audit Logs
Navigate to System Settings > Security > Audit. Enable the framework. Liferay begins logging portal actions, capturing details like timestamp, user ID, client IP, action type, and entity IDs, securing transaction records.
Configuring Output Destinations
Decide where logs are stored. Storing logs in the database can impact performance. Configure audit routers to write to files or Syslog daemons, allowing external SIEM tools to ingest data without impacting portal resources.
Generating Compliance Reports
Review events. Create custom queries or build compliance dashboards inside Liferay, tracking key events (like password changes or settings overrides) to meet audit requirements.
Frequently Asked Questions
Does the Audit Framework log content changes?
Yes. The framework logs creation, updates, and deletion of pages, files, articles, user groups, and custom Objects.
Can we export audit logs to external SIEMs?
Yes. Configure logging targets to forward events to Syslog or Logstash, integrating with Splunk or Datadog.