We have nexus oss version 3.18 installed and I am trying to figure out how to see user logins in the nexus logs (nexus.log and request.log). We are using Single Sign On and the only thing i have noticed that is being captured is events with the following format
To make matters more complicated there are 100’s of these being generated as soon as a user logs into the NEXUS via the URL. I do not see just one event that can show me that the user logged in succesfully to NEXUS.
The second issue is, when a user logs in, I do not see any URL access logs to show what URL each user is using.
The log entry you shared is a TRACE level log, so no wonder you’re getting hundreds of them. TRACE logs are not meant to be consumed by administrators, and they should be disabled by default as they will produce tons of output. Perhaps what you are looking for is similar to: org.sonatype.nexus.rapture.internal.security.SessionServlet - Created session for user: admin - this is INFO level log and you can find it in nexus.log. URL access logs are stored in request.log. You should be able to see all this information (and no TRACE logs) using default logger settings as shipped with NXRM.
The request log is not showing a relationship between the URL that users navigate to in the GUI and their USER ID. We are not able to map the two. We also created the logger you mentioned and we are still not able to see user logins.
We also want to be able to know when a user goes into the server administration and configuration areas of the gui and want to be able to track that.
Yes I have already enabled that which ends up writing to an audit.log file. However inside that log file I am only still seeing artifact actions, not gui tracking. I am not sure if sonatype is built to track what url a user goes to inside nexus.