---
title: Enabling debug logging
description: To help with troubleshooting or monitoring, you can turn on activity logging for PingFederate, the PingOne Risk IdP Adapter, or both.
component: pingone
page_id: pingone:pingone_risk_integration_kit:pf_p1_risk_ik_enabling_debug_logging
canonical_url: https://docs.pingidentity.com/integrations/pingone/pingone_risk_integration_kit/pf_p1_risk_ik_enabling_debug_logging.html
revdate: June 20, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
  choose-from: Choose from:
---

# Enabling debug logging

To help with troubleshooting or monitoring, you can turn on activity logging for PingFederate, the PingOne Risk IdP Adapter, or both.

## About this task

This task is optional. You can use logging for troubleshooting or analytics.

Learn more about logging in [Enabling debug messages and console logging](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_enabling_debug_message_and_console_logging.html) in the PingFederate documentation.

## Steps

1. Open the `<pf_install>/pingfederate/server/default/conf/log4j2.xml` file for editing.

2. To log activity for PingFederate and all adapters:

   1. Find the following section in the file.

      ```html
      <AsyncRoot level="INFO" includeLocation="false">
      	<!-- <AppenderRef ref="CONSOLE" /> -->
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

   2. Change `INFO` to `DEBUG`.

      The following code snippet shows `DEBUG` in bold for visibility.

      ```html
      <AsyncRoot level="DEBUG" includeLocation="false">
      	<!-- <AppenderRef ref="CONSOLE" /> -->
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

   3. **Optional:** To see the adapter activity in the console as well as the log file, remove the comment tags (`<!--` and `-->`) that surround the `CONSOLE` line.

      ```html
      <AsyncRoot level="INFO" includeLocation="false">
      	<AppenderRef ref="CONSOLE" />
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

3. If you want to log activity relating to the PingOne Risk IdP Adapter, do one of the following:

   |   |                                                                                                                                                         |
   | - | ------------------------------------------------------------------------------------------------------------------------------------------------------- |
   |   | You can use this information with a third-party log analysis tool to monitor for important events, such as when a sign-on event has a high-risk Result. |

   ### Choose from:

   * To log activity for the PingOne Risk IdP Adapter as well as its HTTPS and component activity, add the following line.

     ```html
     <Logger name="com.pingidentity.adapters.pingone.risk" level="DEBUG"/>
     ```

   * To log activity for the adapter's HTTPS activity and other components but not the adapter itself, add the following line.

     ```html
     <Logger name="com.pingidentity.adapters.pingone.risk.shade" level="DEBUG"/>
     ```

   * To log activity for the PingOne Risk IdP Adapter but not its HTTPS or component activity, add the following lines.

     ```html
     <Logger name="com.pingidentity.adapters.pingone.risk" level="DEBUG"/>
     <Logger name="com.pingidentity.adapters.pingone.risk.shade" level="INFO"/>
     ```

4. Save the file.