PingAccess

Logging iovation events

Update the PingAccess logging file to include iovation events. This procedure modifies the existing <PA_HOME>/conf/log4j2.xml file to log communications with iovation to a new file.

If you operate PingAccess in a cluster, you must perform this procedure on every node.

Steps

  1. In the <PA_HOME>/conf/log4j2.xml file, go to the Appenders section. Add a new RollingFile appender to define and create a new log file for iovation events.

    In the following example, the log file name becomes <PA_HOME>/log/pingaccess_iovation_audit.log.

    Example:

    <RollingFile name="Iovation-File"
                         fileName="${sys:pa.home}/log/pingaccess_iovation_audit.log"
                         filePattern="${sys:pa.home}/log/pingaccess_iovation_audit.%d{yyyy-MM-dd}.log"
                         ignoreExceptions="false">
                <PatternLayout>
                    <pattern>%d{ISO8601}| %X{exchangeId}| %X{IOVATION_AUDIT.trackingNumber} | %X{IOVATION_AUDIT.deviceAlias} | %X{IOVATION_AUDIT.accountCode} | %X{IOVATION_AUDIT.result} | %X{IOVATION_AUDIT.reason} | %X{IOVATION_AUDIT.ruleName} | %X{IOVATION_AUDIT.iovationId} | %X{IOVATION_AUDIT.statedIp} %n</pattern>
                </PatternLayout>
                <Policies>
                    <TimeBasedTriggeringPolicy/>
                </Policies>
    </RollingFile>

    This example uses the following variables:

    Variables
    Variable Definition

    %d

    The transaction time.

    exchangeId

    The ID for a specific request and response pair.

    IOVATION_AUDIT.trackingNumber

    A unique ID that iovation assigns to the transaction. This ID can be used to locate the transaction in searches and reports.

    IOVATION_AUDIT.deviceAlias

    The iovation identifier for the requesting device. If a blackbox isn’t present during the iovation authorization request, the value becomes 0.

    IOVATION_AUDIT.accountCode

    The value of the accountCode attribute for the transaction.

    IOVATION_AUDIT.result

    The iovation risk check result. Possible values are:

    A

    Accept

    D

    Deny

    R

    Review

    IOVATION_AUDIT.reason

    The iovation admin-specified value corresponding to the iovation rule that contributed most to the result.

    IOVATION_AUDIT.ruleName

    The name of the PingAccess rule responsible for this iovation Fraud check.

    IOVATION_AUDIT.iovationId

    A unique ID that iovation provides for the request.

    IOVATION_AUDIT.statedIp

    The Internet Protocol (IP) address of the requesting client. This value is provided as the statedIp of the iovation Fraud API request.

  2. Go to the Loggers section. Add a new Logger entry to enable logging and configure the level of detail you want to record.

    Example:

    <Logger name="iovationaudit" level="INFO" additivity="false">
          <AppenderRef ref="Iovation-File"/>
    </Logger>

    You can find more information about log levels in Configuring log levels.

  3. Restart PingAccess to make your changes take effect.