Does Identity Cloud include an audit logging service?
ForgeRock Identity Cloud includes a REST-based Audit Logging Service that can be accessed via a read-only API.
Identity Cloud audit logging service
Audit logs gather operational information about events occurring within a deployment to track processes and security data, including authentication mechanisms, system access, user and administrator activity, error messages, and configuration changes. Audit logs are commonly consumed by third-party SIEM and analytics solutions, such as FireEye®, Guardian Analytics®, Logstash and Splunk®.
The Identity Cloud audit log is accessed via a read-only API using API keys. Your Identity Cloud tenant administrators manage the creation and deletion of the API keys and how they are distributed.
Audit data is held for 30 days and is available to be downloaded via a REST API.
See Also
FAQ: Identity Cloud audit log security
What logging sources are available in Identity Cloud?
Does the ForgeRock Identity Platform include an audit logging service?