AM 7.2.0

Audit logging

AM supports a comprehensive audit logging service that captures key auditing events, critical for system security, troubleshooting, and regulatory compliance.

Audit logs gather operational information about events that occur within an AM deployment. They track processes and security data, such as authentication mechanisms, system access, user and administrator activity, error messages, and configuration changes.

These topics describe the ForgeRockĀ® Common REST-based audit logging service available in AM. AM also supports a legacy logging service, based on a Java SDK. Note that the legacy logging service will be deprecated in a future AM release.

The audit logging service uses a structured message format that adheres to a consistent log structure across the ForgeRock Identity Platform. This common structure allows correlation between log messages of the different Platform components, if the transaction IDs are trusted. For more information, see Trust transaction headers.

Although the ForgeRock Directory Services JSON logger is enabled by default, ForgeRock transaction IDs are not trusted by default. You must set trust-transaction-ids:true to correlate DS log messages with AM log messages. For more information, see Log LDAP Access to Files > JSON Format in the DS documentation.

The following topics explain how AM audit logging works, and how to implement it:

Task Resources

Discover AM’s audit logging service

AM auditing service provides a rich set of features to help you capture events that are critical for system security, troubleshooting, and regulatory compliance.

Configure AM to log audit events

Decide how to implement your audit login service, either globally or by realm, and configure audit login handlers to store audit events into files, databases, or other stores.

Audit log reference

Check the format of the files, the names of the events, and more.

AM also supports the classic logging service, which is deprecated. For more information, see Legacy logging service.

Copyright Ā© 2010-2022 ForgeRock, all rights reserved.