ATNAAudit node
Use an ATNAAudit node to create and send ATNA audit messages to an ATNA audit repository.
Purpose
Use the ATNAAudit node to receive an XML audit message from the message flow, use the elements from the XML audit message to create an ATNA audit message, and then route the ATNA audit message to the configured ATNA audit repository.
The ATNAAudit node is contained in the Healthcare drawer of the message flow node palette, and is represented in the IBM® Integration Toolkit by the following icon:
Using this node in a message flow
You configure the location of the ATNA audit repository that is used by ATNAAudit nodes by using a configurable service. The configurable service specifies the ATNA audit repository location for a broker rather than an individual ATNAAudit node, so ATNAAudit nodes in all message flows running on the same broker send their ATNA audit messages to the same ATNA audit repository. For information about creating the ATNA configurable service, see Enabling message flows to send ATNA audit messages.
If an invalid XML audit message is routed to the ATNAAudit node, the ATNAAudit node produces an error and the XML audit message is rolled back to the input node of the message flow (or most recent catch handler). The error message includes details of the problem with the XML audit message. For example, the root element might be incorrect or an element from the schema might be missing.
- Transmission of Syslog Messages over TLS
- If the TLS connection to an audit repository is broken, the ATNAAudit node attempts to reconnect. If the attempt succeeds, the ATNA audit message is sent. If the attempt fails, an error is produced and the ATNA audit message is rolled back to the input node of the message flow (or nearest catch handler).
- TLS version 1.2 is recommended but not mandatory.
- Transmission of Syslog Messages over UDP
- The underlying UDP transport might not accept long ATNA audit messages (messages that are longer than the MTU size minus the UDP header length) so long syslog messages might be truncated. When syslog messages are truncated, the resulting XML is incorrect and must be corrected in the ATNA audit repository.
- The ATNAAudit node does not produce an error if the delivery of an ATNA audit message over UDP fails. For reliable and secure message delivery with the ATNAAudit node, use the TLS transport.
Element | Description |
---|---|
SUCCESS | The action completes successfully. |
MINOR_FAILURE | The action is restarted, for example, when an invalid password is provided. |
SERIOUS_FAILURE | The action is ended, for example, when an invalid password is provided on several consecutive attempts. |
MAJOR_FAILURE | The action is made unavailable, for example, when a user account is disabled because of excessive invalid attempts to log in. |
Description | Type | Example | Recommendations |
---|---|---|---|
ATNAAudit node is sending an ATNA audit message to the audit repository. | Information BIP12068 | Sending ATNA audit message (AuditMessage) | No action is required |
Audit is disabled for this message (either through the configurable service or the node property). | Warning BIP12069 | Not sending ATNA audit message - audit is disabled (AuditMessage) | No action is required |
Configuring the ATNAAudit node
When you have added an instance of a ATNAAudit node into a message flow, you can configure it.
All mandatory properties for which you must enter a value (properties that do not have a default value defined) are marked with an asterisk.
Terminals and properties
Terminal | Description |
---|---|
In | The terminal to which an XML audit message is routed for sending to an ATNA audit repository. |
Out | The output terminal to which the XML audit message is routed after the ATNA audit message is sent to an ATNA audit repository. No changes are made to the XML audit message. |
The following tables describe the node properties. The column headed M indicates whether the property is mandatory (marked with an asterisk if you must enter a value when no default is defined); the column headed C indicates whether the property is configurable (you can change the value when you add the message flow to the broker archive (BAR) file to deploy it).
Property | M | C | Default | Description |
---|---|---|---|---|
Node name | Yes | No | ATNAAudit | The name of the node. |
Short description | No | No | A brief description of the node. | |
Long description | No | No | Text that describes the purpose of the node in the message flow. |
Property | M | C | Default | Description |
---|---|---|---|---|
Audit enabled | No | Yes | Selected | Determines whether this node sends ATNA audit messages or not. Note: ATNA audit messages are only
sent from an ATNAAudit node
when the Audit enabled property is selected in the ATNAAudit node and the auditEnabled property
is set to true in the configurable service,
see Enabling message flows to send ATNA audit messages.
|