Server Configuration > Server Logging > Setting Up Audit Logging on Integrity Lifecycle Manager Server > Format of Results
 
Format of Results
You can view the audit log through the GUI or CLI. Access for configuring and viewing the audit log is controlled through the AdminServer permission under the mks:im and mks:si ACLs. For more information on setting ACLs, see “Creating a Configuration Management ACL Control”.
Results display in columns through the Audit Log dialog box.
By default, auditing is set to false for all global components (is, im, and si). You can configure the mksis.auditor property to set the level of auditing required on your system. This section includes examples to show how specific categories can be used to override the more general global settings.
To audit all workflow and document operations, set the general component category to true:
mksis.auditor.im=true
To audit only workflow and document administrative operations, set the im.admin category to true (no change is required to the default setting of mksis.auditor.im=false):
mksis.auditor.im=false
ksis.auditor.im.admin=true
To audit all workflow and document operations, except administrative operations, set the global im category to true, and explicitly set the more specific server category to false:
mksis.auditor.im=true
mksis.auditor.im.admin=false
To audit only the workflow and document change package deletion operation (no change is required to the default setting of mksis.auditor.im=false):
mksis.auditor.im=false
ksis.auditor.im.changePackage.deletecp=true
To audit all workflow and document (im) operations, except change package operations, while including information on the change package deletion operation:
mksis.auditor.im=true
ksis.auditor.im.changePackage=false
ksis.auditor.im.changePackage.deletecp=true
Additional examples of property syntax are provided in the is.properties file.
The following are some considerations when setting up the audit log:
To work with the audit log, you must first have the AdminServer ACL permission for the component you are working with (im or si). For more information, see “Workflow and Document ACLs” and “Configuration Management ACLs”.
Audit logging is configured manually in the installdir/config/properties/is.properties file on the Integrity Lifecycle Manager server. You can view the resulting audit log through the Integrity Lifecycle Manager administration client or the CLI.
To provide customizable auditing controls, categories are organized into independent hierarchies, with an individual Integrity Lifecycle Manager server component at the root of each category (im, si, or is).
Depending on the server usage pattern and auditing configuration, significant data can be generated and written to the audit log file.
The Integrity Lifecycle Manager server does not capture any records of read events or configuration changes that are initiated through the properties files.
* 
Once audit logging in set to true, you can enable or disable it dynamically using the im diag or si diag commands with the following options:
--diag=switchauditlog --param=on
--diag=switchauditlog --param=off
For example, to disable audit logging, you can use:
im diag --diag=switchauditlog --param=off