Implementing the Classic Logging Service
Note
AM supports two Audit Logging Services: the classic Logging Service, which is based on a Java SDK and is available in AM versions prior to AM 5.0, and a common REST-based Audit Logging Service. The classic Logging Service is deprecated.
To configure AM logging properties, log in to the AM console as AM administrator, and navigate to Configure > Global Services > Logging.
For more information on the available settings, see "Audit Logging" reference.
Audit Logging to Flat Files
By default, AM audit logs are written to files in the configuration directory for the instance, such as $HOME/openam/log/
.
AM sends messages to different log files, each named after the service logging the message, with two different types log files per service: .access
and.error
. Thus, the current log files for the authentication service are named amAuthentication.access
and amAuthentication.error
.
For details, see Log Files and Messages.
Audit Logging to a Syslog Server
AM supports sending audit log messages to a syslog server for collation.
You can enable syslog audit logging by using the AM console, or the ssoadm
command.
Log in to the AM console as AM administrator, for example
amAdmin
.Navigate to Configure > Global Services > Logging.
On the Syslog tab, configure the following settings as appropriate for your syslog server, and save your changes:
Syslog server host
Syslog server port
Syslog server protocol
Syslog facility
Syslog connection timeout
For information on these settings, see "Logging".
On the General tab, set the Logging Type drop-down list to
Syslog
, and save your changes.
Create a text file, for example,
MySyslogServerSettings.txt
containing the settings used when audit logging to a syslog server, as shown below:iplanet-am-logging-syslog-port=514 iplanet-am-logging-syslog-protocol=UDP iplanet-am-logging-type=Syslog iplanet-am-logging-syslog-connection-timeout=30 iplanet-am-logging-syslog-host=localhost iplanet-am-logging-syslog-facility=local5
Use the following SSOADM command to configure audit logging to a syslog server:
$
ssoadm \ set-attr-defs \ --adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \ --password-file /tmp/pwd.txt \ --servicename iPlanetAMLoggingService \ --schematype Global \ --datafile MySyslogServerSettings.txt
Schema attribute defaults were set.