---
title: Enabling sideband traffic logging
description: Enable sideband audit logging, including end-user transactions captured by the sideband client request.
component: pingaccess
version: 9.0
page_id: pingaccess:configuring_and_customizing_pingaccess:pa_enabling_sideband_traffic_logging
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/configuring_and_customizing_pingaccess/pa_enabling_sideband_traffic_logging.html
revdate: June 26, 2023
section_ids:
  steps: Steps
  example: Example:
  example-2: Example:
  result: Result
---

# Enabling sideband traffic logging

Enable sideband audit logging, including end-user transactions captured by the sideband client request.

## Steps

1. Edit the `<PA_HOME>/conf/log4j2.xml` file.

2. In the Logger section, uncomment the `AppenderRef` element for the sideband audit log HAR file.

   ### Example:

   ```
          <!-- Audit Log Configuration-->
           ...
           <Logger name="sidebandaudit" level="INFO" additivity="false">
               <AppenderRef ref="SidebandAuditLog-File"/>
               <!--<AppenderRef ref="SidebandAuditLog-Database-Failover"/>-->
               <!--<AppenderRef ref="SidebandAuditLog-SQLServer-Database-Failover"/>-->
               <!--<AppenderRef ref="SidebandAuditLog-PostgreSQL"/>-->
               <!--<AppenderRef ref="SidebandAudit2Splunk"/>-->
               <AppenderRef ref="SidebandAuditLog-HarFile"/>
           </Logger>
   ```

3. In the Appenders section, uncomment the `RollingFile` element for the engine audit log HAR file.

   ### Example:

   ```
       <Appenders>
           ...
           <RollingFile name="SidebandAuditLog-HarFile"
                        fileName="${sys:pa.home}/log/pingaccess_sideband_audit_har.log"
                        filePattern="${sys:pa.home}/log/pingaccess_sideband_audit_har.%d{yyyy-MM-dd}.log"
                        ignoreExceptions="false">
               <StatusCodeRegExFilter regex="5.."/>
               <HarLogLayout clientBodySizeLimit="16384" appBodySizeLimit="16384">
                   <KeyValuePair key="AUDIT.metadata" value="true"/>
                   <KeyValuePair key="AUDIT.http-client" value="true"/>
                   <KeyValuePair key="AUDIT.http-app" value="true"/>
               </HarLogLayout>
               <Policies>
                   <TimeBasedTriggeringPolicy />
               </Policies>
           </RollingFile>
           ...
       </Appenders>
   ```

4. **Optional:** To filter the entries to add to the log file, edit the value of the `StatusCodeRegExFilter` element.

5. **Optional:** To specify what information to log, add or edit the values in the `HarLogLayout` section of the `RollingFile` element.

   You can add or edit metadata, client response, and app response values. For more information, see [Traffic logging reference](pa_traffic_logging_ref.html).

## Result

Logging begins when the configuration reloads. The configuration reloads at regular intervals according to the `monitorInterval` value.