Audit Log Include Paths
A list of JSON paths to include in audit logs. Audit event fields use JSON pointer notation and are taken from the JSON schema for the audit event content.
To prevent logging of sensitive data for an audit event, the Common Audit Framework uses a safelist to specify which audit event fields appear in the logs. By default, only safelisted audit event fields are included in the logs.
Before you include non-safelisted audit event fields in the logs, consider the impact on security. Inclusion of some headers, query parameters, or cookies could cause credentials or tokens to be logged, and allow anyone with access to the logs to impersonate the holder of these credentials or tokens.
Audit Log Exclude Paths takes precedence over this property. If a path is specified here and in Audit Log Exclude Paths, the corresponding audit event field is excluded.
The following example excludes Header1 but includes Header2 and Cookie1:
org.forgerock.agents.audit.exclude.path.list[0]=/access/http/request/headers/Header1Name
org.forgerock.agents.audit.include.path.list[0]=/access/http/request/headers/Header2Name
org.forgerock.agents.audit.include.path.list[1]=/access/http/request/cookies/Cookie1Name
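A pre-deployment check for the precedence and logging-risk rules described above, as an added example that is not part of the original documentation or the product's own code. The sample configuration is constructed, the set of credential-bearing header names is an assumption, and exclusion is treated as an exact path match because that is the only case the page describes.

```python
import re

# Property names as they appear in the page's example.
PROP = re.compile(r"^org\.forgerock\.agents\.audit\.(include|exclude)\.path\.list\[\d+\]=(.+)$")
# Prefixes taken from the page's example paths.
HEADERS = "/access/http/request/headers/"
COOKIES = "/access/http/request/cookies/"
# Assumption: header names that commonly carry credentials or tokens.
RISKY_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie"}


def parse(text):
    """Return (include, exclude) path lists from agent properties text."""
    paths = {"include": [], "exclude": []}
    for line in text.splitlines():
        m = PROP.match(line.strip())
        if m:
            paths[m.group(1)].append(m.group(2).strip())
    return paths["include"], paths["exclude"]


def review(text):
    """Classify each include path as overridden, risky, or ok."""
    include, exclude = parse(text)
    report = {}
    for path in include:
        if path in exclude:
            # Exclude takes precedence (exact match, as the page describes).
            report[path] = "overridden by exclude list"
        elif path.startswith(COOKIES):
            report[path] = "risky: cookie value would be logged"
        elif path.startswith(HEADERS) and path[len(HEADERS):].lower() in RISKY_HEADERS:
            report[path] = "risky: credential-bearing header would be logged"
        else:
            report[path] = "ok"
    return report


# Constructed sample configuration (not from a real deployment).
SAMPLE = """\
org.forgerock.agents.audit.exclude.path.list[0]=/access/http/request/headers/Authorization
org.forgerock.agents.audit.include.path.list[0]=/access/http/request/headers/Authorization
org.forgerock.agents.audit.include.path.list[1]=/access/http/request/headers/X-Request-Id
org.forgerock.agents.audit.include.path.list[2]=/access/http/request/cookies/SessionId
org.forgerock.agents.audit.include.path.list[3]=/access/http/request/headers/Cookie
"""

if __name__ == "__main__":
    print("\n".join(f"{v:50} {p}" for p, v in review(SAMPLE).items()))
```

Run it against the agent properties before a restart so that any include path flagged as risky is reviewed before it reaches the logs.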
| Property name | |
| Aliases | |
| Function | Audit |
| Type | List |
| Bootstrap property | Yes |
| Required property | No |
| Restart required | Yes - Restart the container after changing the property |
| Local configuration file | |