Log Files

This section describes the different classic Logging Service log files.

Audit Log Files

This chapter describes classic Logging Service audit log files:

Audit logs record information about events. You can adjust the amount of detail in the administrative logs under Configuration > System > Logging.

amAuthentication.access

Contains log data for when users log into and out of an instance, including failed authentications

amAuthentication.error

Contains log data about errors encountered when users login and out of an instance

amConsole.access

Contains data about actions run as the administrator in the console, including changes to realms and policies

amConsole.error

Contains data on errors encountered during administrator sessions

amPolicy.access

Contains data about authorization actions permitted by policies, including policy creation, removal, or modification

amPolicy.error

Contains data on errors encountered during actions related to the policy

amPolicyDelegation.access

Contains data about actions as part of the policy delegation, including any changes to the delegation

amRemotePolicy.access

Contains data about policies accessed remotely

amRest.access

Contains data about access to REST endpoints

amRest.authz

Contains data about authorizations to access REST endpoints

amSSO.access

Contains data about user sessions, including times of access, session time outs, session creation, and session termination for stateful sessions; contains data about session creation and session termination for stateless sessions

CoreToken.access

Contains data about actions run against the core token

CoreToken.error

Contains data on errors encountered regarding the core token

COT.access

Contains data about the circle of trust

COT.error

Contains data on errors encountered for the circle of trust

Entitlement.access

Contains data about entitlement actions or changes

OAuth2Provider.access

Contains data about actions for the OAuth 2.0 provider

OAuth2Provider.error

Contains data about errors encountered by the OAuth 2.0 provider

SAML2.access

Contains data about SAML 2 actions, including changes to assertions, artifacts, response, and requests

SAML2.error

Contains data about errors encountered during SAML 2 actions

SAML.access

Contains data about SAML actions, including changes to assertions, artifacts, response, and requests

SAML.error

Contains data about errors encountered during SAML actions

ssoadm.access

Contains data about actions completed for SSO as admin

WebServicesSecurity.access

Contains data about activity for Web Services Security

WebServicesSecurity.error

Contains data on errors encountered by Web Services Security

WSFederation.access

Contains data about activity for WS Federation, including changes and access information

WSFederation.error

Contains data on errors encountered during WS Federation

Debug Log Files

Debug log files provide information to help troubleshoot problems.

The number of messages logged to the debug log files depends on the debug logging level. The default debug logging level is Error. Using other logging levels such as Warning or Message may increase the number of debug log messages and files.

When configured with the Message logging level, a server instance can produce more than a hundred debug log files. Use the debug log file names to determine the type of troubleshooting information in each file. For example, the command-line interface logs debug messages to the amCLI debug file. The OAuth2 provider logs debug messages to the OAuth2Provider debug file. The Naming Service logs messages to the amNaming debug file.

For information about configuring the location and verbosity of debug log files, see "SNMP Monitoring (Legacy)".

Read a different version of :