Java Agents 2024.6

Audit Log Include Paths

A list of JSON paths to include in audit logs. Audit event fields use JSON pointer notation and are taken from the JSON schema for the audit event content.

To prevent logging of sensitive data for an audit event, the Common Audit Framework uses a safelist to specify which audit event fields appear in the logs. By default, only safelisted audit event fields are included in the logs.

Before you include non-safelisted audit event fields in the logs, consider the impact on security. Inclusion of some headers, query parameters, or cookies could cause credentials or tokens to be logged, and allow anyone with access to the logs to impersonate the holder of these credentials or tokens.

Audit Log Exclude Paths takes precedence over this property. If a path is specified here and in Audit Log Exclude Paths, the corresponding audit event field is excluded.

The following example excludes Header1 but includes Header2 and Cookie1:

org.forgerock.agents.audit.exclude.path.list[0]=/access/http/request/headers/Header1Name

org.forgerock.agents.audit.include.path.list[0]=/access/http/request/headers/Header2Name

org.forgerock.agents.audit.include.path.list[1]=/access/http/request/cookies/Cookie1Name

Property name

org.forgerock.agents.audit.include.path.list

Aliases

org.forgerock.agents.audit.include.path.list
  Introduced in Java Agent 2024.6
  Recognized from AM 7.1

Function

Audit

Type

List

Bootstrap property

Yes

Required property

No

Restart required

Yes - Restart the container after changing the property

Local configuration file

AgentBootstrap.properties