Security · AMP

Implementing Audit Frameworks for Enterprise Compliance in Liferay

Ankita Varani · Published Mar 16, 2026 · 10 min read · View full version

Quick answer

Set up enterprise compliance by enabling Liferay's Audit Framework in System Settings, configuring log destinations (file, database, Syslog), and designing custom dashboard widgets to audit user logins and record alterations.

Enabling Liferay Audit Logs

Navigate to System Settings > Security > Audit. Enable the framework. Liferay begins logging portal actions, capturing details like timestamp, user ID, client IP, action type, and entity IDs, securing transaction records.

Configuring Output Destinations

Decide where logs are stored. Storing logs in the database can impact performance. Configure audit routers to write to files or Syslog daemons, allowing external SIEM tools to ingest data without impacting portal resources.

Generating Compliance Reports

Review events. Create custom queries or build compliance dashboards inside Liferay, tracking key events (like password changes or settings overrides) to meet audit requirements.

Frequently asked questions

Does the Audit Framework log content changes?

Yes. The framework logs creation, updates, and deletion of pages, files, articles, user groups, and custom Objects.

Can we export audit logs to external SIEMs?

Yes. Configure logging targets to forward events to Syslog or Logstash, integrating with Splunk or Datadog.

Read the full article, with table of contents, comparison table, and author bio →