Audits and Logs

Audit Trails

Audits in IG record access to a route. Audit logs in operating systems detect system login attempts and changes to the software.

The IG audit logging service adheres to the log structure common across the ForgeRock Identity Platform. For information, see Auditing Your Deployment.

Prevent logging of sensitive data for audit events by excluding fields from the audit logs. For information, see Including or Excluding Audit Event Fields In Logs.

Log Files

Logs in IG contain informational, error, and warning events, to troubleshoot and debug transactions and events that take place within the IG instance.

When using a CaptureDecorator, mask captured header and attribute values to avoid disclosing information, such as token values or passwords. For information, see CaptureDecorator.

Limit the number of repeat log messages to prevent log flow attacks, by adding a custom logback.xml with a DuplicateMessageFilter. For information, see Limit Repetitive Log Messages.