---
title: Enabling debug logging
description: To help with troubleshooting or monitoring, you can turn on activity logging for PingFederate, the ThreatMetrix IdP Adapter, or both.
component: threatmetrix
page_id: threatmetrix:troubleshooting:pf_threatmetrix_ik_enabling_debug_logging
canonical_url: https://docs.pingidentity.com/integrations/threatmetrix/troubleshooting/pf_threatmetrix_ik_enabling_debug_logging.html
revdate: October 28, 2025
section_ids:
  about-this-task: About this task
  steps: Steps
  choose-from: Choose from:
---

# Enabling debug logging

To help with troubleshooting or monitoring, you can turn on activity logging for PingFederate, the ThreatMetrix IdP Adapter, or both.

## About this task

This task is optional. You can use logging for troubleshooting or analytics.

You can find general information about logging in [Enabling debug messages and console logging](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_enabling_debug_message_and_console_logging.html) in the PingFederate documentation.

## Steps

1. Open the `<pf_install>/pingfederate/server/default/conf/log4j2.xml` file for editing.

2. To log activity for PingFederate and all adapters:

   1. Find the following section in the file:

      ```html
      <AsyncRoot level="INFO" includeLocation="false">
      	<!-- <AppenderRef ref="CONSOLE" /> -->
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

   2. Change `INFO` to `DEBUG`:

      The following code snippet shows `DEBUG` in bold for visibility.

      ```html
      <AsyncRoot level="DEBUG" includeLocation="false">
      	<!-- <AppenderRef ref="CONSOLE" /> -->
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

   3. (Optional) To see the adapter activity in the console as well as the log file, remove the comment tags (`<!--` and `-→`) that surround the `CONSOLE` line.

      ```html
      <AsyncRoot level="INFO" includeLocation="false">
      	<AppenderRef ref="CONSOLE" />
      	<AppenderRef ref="FILE" />
      </AsyncRoot>
      ```

3. To log activity relating to the ThreatMetrix IdP Adapter, do one of the following.

   ### Choose from:

   * To log activity for the ThreatMetrix IdP Adapter as well as its HTTPS and component activity, add the following line:

     ```html
     <Logger name="com.pingidentity.adapters.threatmetrix" level="DEBUG"/>
     ```

   * To log activity for the adapter's HTTPS activity and other components but not the adapter itself, add the following line:

     ```
     <Logger name="{logging-class}.shade" level="DEBUG"/>
     ```

   * To log activity for the ThreatMetrix IdP Adapter but not its HTTPS or component activity, add the following lines:

     ```html
     <Logger name="com.pingidentity.adapters.threatmetrix" level="DEBUG"/>
     <Logger name="com.pingidentity.adapters.threatmetrix.shade" level="INFO"/>
     ```

   |   |                                                                                                                                                                |
   | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
   |   | You can use this information with a third-party log analysis tool to monitor for important events, such as when a sign-on event has a high-risk review status. |

4. Save the file.