---
title: AuditLogging
description: Resource path:
component: pingam
version: 8.1
page_id: pingam:entity-reference:sec-amster-entity-auditlogging
canonical_url: https://docs.pingidentity.com/pingam/8.1/entity-reference/sec-amster-entity-auditlogging.html
section_ids:
sec-amster-entity-auditlogging-realm-ops: Realm Operations
sec-amster-entity-auditlogging-realm-ops-create: create
sec-amster-entity-auditlogging-realm-ops-delete: delete
sec-amster-entity-auditlogging-realm-ops-getalltypes: getAllTypes
sec-amster-entity-auditlogging-realm-ops-getcreatabletypes: getCreatableTypes
sec-amster-entity-auditlogging-realm-ops-nextdescendents: nextdescendents
sec-amster-entity-auditlogging-realm-ops-read: read
sec-amster-entity-auditlogging-realm-ops-update: update
sec-amster-entity-auditlogging-global-ops: Global Operations
sec-amster-entity-auditlogging-global-ops-getalltypes: getAllTypes
sec-amster-entity-auditlogging-global-ops-getcreatabletypes: getCreatableTypes
sec-amster-entity-auditlogging-global-ops-nextdescendents: nextdescendents
sec-amster-entity-auditlogging-global-ops-read: read
sec-amster-entity-auditlogging-global-ops-update: update
---
# AuditLogging
## Realm Operations
Resource path:
```
/realm-config/services/audit
```
Resource version: `0.0`
### create
**Usage**
```
am> create AuditLogging --realm Realm --body body
```
**Parameters**
* *\--body*
The resource in JSON format, described by the following JSON schema:
```json
{
"type" : "object",
"properties" : {
"auditEnabled" : {
"title" : "Audit logging",
"description" : "Enable audit logging in OpenAM.",
"propertyOrder" : 100,
"required" : true,
"type" : "boolean",
"exampleValue" : ""
},
"whitelistFieldFilters" : {
"title" : "Field whitelist filters",
"description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, to record the values of the Accept-Language HTTP header in access events, the pointer is /access/http/request/headers/accept-language.",
"propertyOrder" : 200,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
},
"blacklistFieldFilters" : {
"title" : "Field blacklist filters",
"description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements.
Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, you might want to filter out surnames by hiding the sn field from activity events. To do so, add the following pointers to the Field blacklist filters list:
/activity/before/sn/activity/after/sn
",
"propertyOrder" : 300,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
}
}
}
```
### delete
**Usage**
```
am> delete AuditLogging --realm Realm
```
### getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
**Usage**
```
am> action AuditLogging --realm Realm --actionName getAllTypes
```
### getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
**Usage**
```
am> action AuditLogging --realm Realm --actionName getCreatableTypes
```
### nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
**Usage**
```
am> action AuditLogging --realm Realm --actionName nextdescendents
```
### read
**Usage**
```
am> read AuditLogging --realm Realm
```
### update
**Usage**
```
am> update AuditLogging --realm Realm --body body
```
**Parameters**
* *\--body*
The resource in JSON format, described by the following JSON schema:
```json
{
"type" : "object",
"properties" : {
"auditEnabled" : {
"title" : "Audit logging",
"description" : "Enable audit logging in OpenAM.",
"propertyOrder" : 100,
"required" : true,
"type" : "boolean",
"exampleValue" : ""
},
"whitelistFieldFilters" : {
"title" : "Field whitelist filters",
"description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, to record the values of the Accept-Language HTTP header in access events, the pointer is /access/http/request/headers/accept-language.",
"propertyOrder" : 200,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
},
"blacklistFieldFilters" : {
"title" : "Field blacklist filters",
"description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements.
Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, you might want to filter out surnames by hiding the sn field from activity events. To do so, add the following pointers to the Field blacklist filters list:
/activity/before/sn/activity/after/sn
",
"propertyOrder" : 300,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
}
}
}
```
## Global Operations
Resource path:
```
/global-config/services/audit
```
Resource version: `1.0`
### getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
**Usage**
```
am> action AuditLogging --global --actionName getAllTypes
```
### getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
**Usage**
```
am> action AuditLogging --global --actionName getCreatableTypes
```
### nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
**Usage**
```
am> action AuditLogging --global --actionName nextdescendents
```
### read
**Usage**
```
am> read AuditLogging --global
```
### update
**Usage**
```
am> update AuditLogging --global --body body
```
**Parameters**
* *\--body*
The resource in JSON format, described by the following JSON schema:
```json
{
"type" : "object",
"properties" : {
"blacklistFieldFilters" : {
"title" : "Field blacklist filters",
"description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements. Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, you might want to filter out surnames by hiding the sn field from activity events. To do so, add the following pointers to the Field blacklist filters list:
/activity/before/sn/activity/after/sn
",
"propertyOrder" : 300,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
},
"auditEnabled" : {
"title" : "Audit logging",
"description" : "Enable audit logging in OpenAM.",
"propertyOrder" : 100,
"required" : true,
"type" : "boolean",
"exampleValue" : ""
},
"whitelistFieldFilters" : {
"title" : "Field whitelist filters",
"description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, to record the values of the Accept-Language HTTP header in access events, the pointer is /access/http/request/headers/accept-language.",
"propertyOrder" : 200,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
},
"defaults" : {
"properties" : {
"auditEnabled" : {
"title" : "Audit logging",
"description" : "Enable audit logging in OpenAM.",
"propertyOrder" : 100,
"required" : true,
"type" : "boolean",
"exampleValue" : ""
},
"blacklistFieldFilters" : {
"title" : "Field blacklist filters",
"description" : "Blacklist filters can be used to remove audit event fields which are whitelisted by default. These are fields which are safe to log but which you have decided are not necessary for your requirements.
Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, you might want to filter out surnames by hiding the sn field from activity events. To do so, add the following pointers to the Field blacklist filters list:
/activity/before/sn/activity/after/sn
",
"propertyOrder" : 300,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
},
"whitelistFieldFilters" : {
"title" : "Field whitelist filters",
"description" : "OpenAM has a predefined whitelist built-in that only records values that do not contain sensitive information. Use this property to whitelist fields in addition to the built-in list. Each field filter should be provided using a JSON Pointer-like syntax which is prefixed with the event's topic. The topic will be one of access, activity, authentication, or config.
For example, to record the values of the Accept-Language HTTP header in access events, the pointer is /access/http/request/headers/accept-language.",
"propertyOrder" : 200,
"required" : false,
"items" : {
"type" : "string"
},
"type" : "array",
"exampleValue" : ""
}
},
"type" : "object",
"title" : "Realm Defaults"
}
}
}
```