ATNAAudit node

Use an ATNAAudit node to create and send ATNA audit messages to an ATNA audit repository.

Purpose

Use the ATNAAudit node to receive an XML audit message from the message flow, use the elements from the XML audit message to create an ATNA audit message, and then route the ATNA audit message to the configured ATNA audit repository.

The ATNAAudit node is contained in the Healthcare drawer of the message flow node palette, and is represented in the IBM® Integration Toolkit by the following icon:

ATNA audit node icon

Using this node in a message flow

You configure the location of the ATNA audit repository that is used by ATNAAudit nodes by using a configurable service. The configurable service specifies the ATNA audit repository location for a broker rather than an individual ATNAAudit node, so ATNAAudit nodes in all message flows running on the same broker send their ATNA audit messages to the same ATNA audit repository. For information about creating the ATNA configurable service, see Enabling message flows to send ATNA audit messages.

If an invalid XML audit message is routed to the ATNAAudit node, the ATNAAudit node produces an error and the XML audit message is rolled back to the input node of the message flow (or most recent catch handler). The error message includes details of the problem with the XML audit message. For example, the root element might be incorrect or an element from the schema might be missing.

The ATNA Integration Profile defines two transport mechanisms for the ATNA audit messages:
  • Transmission of Syslog Messages over TLS
    • If the TLS connection to an audit repository is broken, the ATNAAudit node attempts to reconnect. If the attempt succeeds, the ATNA audit message is sent. If the attempt fails, an error is produced and the ATNA audit message is rolled back to the input node of the message flow (or nearest catch handler).
    • TLS version 1.2 is recommended but not mandatory.
  • Transmission of Syslog Messages over UDP
    • The underlying UDP transport might not accept long ATNA audit messages (messages that are longer than the MTU size minus the UDP header length) so long syslog messages might be truncated. When syslog messages are truncated, the resulting XML is incorrect and must be corrected in the ATNA audit repository.
    • The ATNAAudit node does not produce an error if the delivery of an ATNA audit message over UDP fails. For reliable and secure message delivery with the ATNAAudit node, use the TLS transport.
You configure the transport in the auditRepositoryURI element in the configurable service by specifying udp:// or tls://. To work with secure connections over TLS, you must configure IBM Integration Bus with a key and truststore. The ATNA standard requires the use of client certificates in TLS to ensure full authentication of both participants. The keystore must therefore contain a client certificate for the connection.
Note: You cannot specify which client certificate to use if the keystore contains more than one certificate.
All ATNA audit messages include an event outcome element as detailed in the following table.
Note: The element values are case-sensitive and must be entered in upper case as shown in the table.
Element Description
SUCCESS The action completes successfully.
MINOR_FAILURE The action is restarted, for example, when an invalid password is provided.
SERIOUS_FAILURE The action is ended, for example, when an invalid password is provided on several consecutive attempts.
MAJOR_FAILURE The action is made unavailable, for example, when a user account is disabled because of excessive invalid attempts to log in.
The following table details the activity log entries that are written by the ATNAAudit node where AuditMessage is the name of the ATNA audit message.
Description Type Example Recommendations
ATNAAudit node is sending an ATNA audit message to the audit repository. Information BIP12068 Sending ATNA audit message (AuditMessage) No action is required
Audit is disabled for this message (either through the configurable service or the node property). Warning BIP12069 Not sending ATNA audit message - audit is disabled (AuditMessage) No action is required

Configuring the ATNAAudit node

When you have added an instance of a ATNAAudit node into a message flow, you can configure it.

All mandatory properties for which you must enter a value (properties that do not have a default value defined) are marked with an asterisk.

Terminals and properties

The ATNAAudit node terminals are described in the following table.
Terminal Description
In The terminal to which an XML audit message is routed for sending to an ATNA audit repository.
Out The output terminal to which the XML audit message is routed after the ATNA audit message is sent to an ATNA audit repository. No changes are made to the XML audit message.

The following tables describe the node properties. The column headed M indicates whether the property is mandatory (marked with an asterisk if you must enter a value when no default is defined); the column headed C indicates whether the property is configurable (you can change the value when you add the message flow to the broker archive (BAR) file to deploy it).

The Description properties for the ATNAAudit node are described in the following table.
Property M C Default Description
Node name Yes No ATNAAudit The name of the node.
Short description No No   A brief description of the node.
Long description No No   Text that describes the purpose of the node in the message flow.
The Basic properties for the ATNAAudit node are described in the following table.
Property M C Default Description
Audit enabled No Yes Selected Determines whether this node sends ATNA audit messages or not.
Note: ATNA audit messages are only sent from an ATNAAudit node when the Audit enabled property is selected in the ATNAAudit node and the auditEnabled property is set to true in the configurable service, see Enabling message flows to send ATNA audit messages.
All other properties are set by using a configurable service. For information about creating the configurable service, see Enabling message flows to send ATNA audit messages
Related concepts:
Introduction to IBM Integration Bus Healthcare Pack
Developing healthcare message flow applications by using the patterns supplied in IBM Integration Bus Healthcare Pack
Related tasks:
Auditing data from message flows
Related reference:
XML audit messages
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 2011, 2014Copyright IBM Corporation 2011, 2014.
Last updated Last updated : 2015-12-07 16:17:41


Reference topicReference topic | Version 3.0.0.1 | ha05210