Logging iovation events
Update the PingAccess logging file to include iovation events. This procedure modifies the existing <PA_HOME>/conf/log4j2.xml
file to log communications with iovation to a new file.
If you operate PingAccess in a cluster, you must perform this procedure on every node. |
Steps
-
In the
<PA_HOME>/conf/log4j2.xml
file, go to the Appenders section. Add a newRollingFile
appender to define and create a new log file for iovation events.In the following example, the log file name becomes
<PA_HOME>/log/pingaccess_iovation_audit.log
.Example:
<RollingFile name="Iovation-File" fileName="${sys:pa.home}/log/pingaccess_iovation_audit.log" filePattern="${sys:pa.home}/log/pingaccess_iovation_audit.%d{yyyy-MM-dd}.log" ignoreExceptions="false"> <PatternLayout> <pattern>%d{ISO8601}| %X{exchangeId}| %X{IOVATION_AUDIT.trackingNumber} | %X{IOVATION_AUDIT.deviceAlias} | %X{IOVATION_AUDIT.accountCode} | %X{IOVATION_AUDIT.result} | %X{IOVATION_AUDIT.reason} | %X{IOVATION_AUDIT.ruleName} | %X{IOVATION_AUDIT.iovationId} | %X{IOVATION_AUDIT.statedIp} %n</pattern> </PatternLayout> <Policies> <TimeBasedTriggeringPolicy/> </Policies> </RollingFile>
This example uses the following variables:
Variables
Variable Definition %d
The transaction time.
exchangeId
The ID for a specific request and response pair.
IOVATION_AUDIT.trackingNumber
A unique ID that iovation assigns to the transaction. This ID can be used to locate the transaction in searches and reports.
IOVATION_AUDIT.deviceAlias
The iovation identifier for the requesting device. If a blackbox isn’t present during the iovation authorization request, the value becomes
0
.IOVATION_AUDIT.accountCode
The value of the
accountCode
attribute for the transaction.IOVATION_AUDIT.result
The iovation risk check result. Possible values are:
- A
-
Accept
- D
-
Deny
- R
-
Review
IOVATION_AUDIT.reason
The iovation admin-specified value corresponding to the iovation rule that contributed most to the result.
IOVATION_AUDIT.ruleName
The name of the PingAccess rule responsible for this iovation Fraud check.
IOVATION_AUDIT.iovationId
A unique ID that iovation provides for the request.
IOVATION_AUDIT.statedIp
The Internet Protocol (IP) address of the requesting client. This value is provided as the
statedIp
of the iovation Fraud API request. -
Go to the Loggers section. Add a new
Logger
entry to enable logging and configure the level of detail you want to record.Example:
<Logger name="iovationaudit" level="INFO" additivity="false"> <AppenderRef ref="Iovation-File"/> </Logger>
You can find more information about log levels in Configuring log levels.
-
Restart PingAccess to make your changes take effect.