Logging iovation events
Update the PingAccess logging file to log iovation events.
About this task
This procedure modifies the existing PA_HOME/conf/log4j2.xml
file to log communications with iovation to a new log file. In a clustered environment, you must perform this procedure on every node.
Steps
-
Edit the
PA_HOME/conf/log4j2.xml
file. -
Locate the Appenders section and add a section to create the new log file.
Example:
<RollingFile name="Iovation-File" fileName="${sys:pa.home}/log/pingaccess_iovation_audit.log" filePattern="${sys:pa.home}/log/pingaccess_iovation_audit.%d{yyyy-MM-dd}.log" ignoreExceptions="false"> <PatternLayout> <pattern>%d{ISO8601}| %X{exchangeId}| %X{IOVATION_AUDIT.trackingNumber} | %X{IOVATION_AUDIT.deviceAlias} | %X{IOVATION_AUDIT.accountCode} | %X{IOVATION_AUDIT.result} | %X{IOVATION_AUDIT.reason} | %X{IOVATION_AUDIT.ruleName} | %X{IOVATION_AUDIT.iovationId} | %X{IOVATION_AUDIT.statedIp} %n</pattern> </PatternLayout> <Policies> <TimeBasedTriggeringPolicy/> </Policies> </RollingFile>
This example uses a log file name of
PA_HOME/log/pingaccess_iovation_audit.log
.The following variables are used in this example.
Variable Definition %d
The transaction time.
exchangeId
The ID for a specific request/response pair.
IOVATION_AUDIT.trackingNumber
An iovation-assigned unique ID for the transaction that can be used to locate the transaction in searches and reports.
IOVATION_AUDIT.deviceAlias
The iovation identifier for the requesting device. If no blackbox is present at the time of the iovation authorization request, a value of 0 is used.
IOVATION_AUDIT.accountCode
The value of the
accountCode
attribute for the transaction.IOVATION_AUDIT.result
The iovation risk check result. Valid values are:
-
A – Accept
-
D – Deny
-
R – Review
IOVATION_AUDIT.reason
The iovation admin-specified value corresponding to the iovation rule that contributed most to the result.
IOVATION_AUDIT.ruleName
The name of the PingAccess rule responsible for this iovation Fraud check.
IOVATION_AUDIT.iovationId
A unique ID provided by iovation for the request.
IOVATION_AUDIT.statedIp
The Internet Protocol (IP) address of the requesting client. This value is provided as the statedIp of the iovation Fraud API request.
-
-
Locate the Loggers section and add an entry to enable logging.
Example:
<Logger name="iovationaudit" level="INFO" additivity="false"> <AppenderRef ref="Iovation-File"/> </Logger>
-
Restart PingAccess.