--- title: Legacy logging service (deprecated) description: This service is deprecated and will be removed in a future AM release. You should use the audit logging service instead. component: pingam version: 7.5 page_id: pingam:security:legacy-logging canonical_url: https://docs.pingidentity.com/pingam/7.5/security/legacy-logging.html keywords: ["Security", "Setup & Configuration"] page_aliases: ["configuring-legacy-audit-logging-svc", "security-guide:legacy-logging.adoc"] section_ids: log-mgmt-core: Log to flat files log-mgmt-syslog: Log to a syslog server enable-syslog-audit-logging-console: Syslog logging (UI) enable-syslog-audit-logging-SSOADM: Syslog logging (ssoadm) --- # Legacy logging service (deprecated) | | | | - | ---------------------------------------------------------------------------------------------------------------------------------------------- | | | This service is deprecated and will be removed in a future AM release. You should use the [audit logging](audit-logging.html) service instead. | To configure the legacy logging service, go to Configure > Global Services > Logging. For more information on the configuration, refer to the [audit logging reference](../reference/global-services-configuration.html#global-audit). ## Log to flat files By default, AM audit logs are written to files in the instance's configuration directory, such as `$HOME/openam/log/`. AM sends messages to different log files, each named after the service logging the message, with two different types log files per service: `.access` and`.error`. Thus, the current log files for the authentication service are named `amAuthentication.access` and `amAuthentication.error`. For details, see [Log files and messages (deprecated)](../reference/log-messages.html). ## Log to a syslog server AM supports sending audit log messages to a syslog server for collation. You can enable syslog audit logging by using the AM admin UI, or the `ssoadm` command. ### Syslog logging (UI) 1. In the AM admin UI, go to Configure > Global Services > Logging. 2. On the Syslog tab, configure the following settings as appropriate for your syslog server, and save your changes: * `Syslog server host` * `Syslog server port` * `Syslog server protocol` * `Syslog facility` * `Syslog connection timeout` For information on these settings, see [Logging](../reference/global-services-configuration.html#global-logging). 3. On the General tab, set the Logging Type drop-down list to `Syslog`, and save your changes. ### Syslog logging (`ssoadm`) 1. Create a text file, for example, `MySyslogServerSettings.txt`, containing the settings used when audit logging to a syslog server: ```properties iplanet-am-logging-syslog-port=514 iplanet-am-logging-syslog-protocol=UDP iplanet-am-logging-type=Syslog iplanet-am-logging-syslog-connection-timeout=30 iplanet-am-logging-syslog-host=localhost iplanet-am-logging-syslog-facility=local5 ``` 2. Use the following `ssoadm` command to configure audit logging to a syslog server: ```bash $ ssoadm \ set-attr-defs \ --adminid uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org \ --password-file /tmp/pwd.txt \ --servicename iPlanetAMLoggingService \ --schematype Global \ --datafile MySyslogServerSettings.txt Schema attribute defaults were set. ```