---
title: Audit logging
description: AM's common REST-based audit logging service captures key auditing events, critical for system security, troubleshooting, and regulatory compliance.
component: pingam
version: 8
page_id: pingam:security:audit-logging
canonical_url: https://docs.pingidentity.com/pingam/8/security/audit-logging.html
keywords: ["Security", "Compliance"]
page_aliases: ["security-guide:audit-logging.adoc"]
---

# Audit logging

AM's common REST-based audit logging service captures key auditing events, critical for system security, troubleshooting, and regulatory compliance.

Audit logs gather operational information about events that occur within an AM deployment. They track processes and security data, such as authentication mechanisms, system access, user and administrator activity, error messages, and configuration changes.

The audit logging service uses a structured message format that adheres to a consistent log structure across the Ping Advanced Identity Software. This common structure allows correlation between log messages of the different Platform components, if the transaction IDs are *trusted*. For more information, see [Trust transaction headers](implementing-audit.html#configuring-trusttransactionheader-system-property).

|   |                                                                                                                                                                                                                                                                                                                                                                                               |
| - | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | Although the PingDS JSON logger is enabled by default, transaction IDs are not trusted by default. You must set `trust-transaction-ids:true` to correlate DS log messages with AM log messages. For more information, see [Log LDAP Access to Files > JSON Format](https://docs.pingidentity.com/pingds/8/logging-guide/ldap-access.html#log-common-audit-ldap-json) in the DS documentation. |

The following topics explain how AM audit logging works, and how to implement it:

| Task                                                                                                                                                                                                                | Resources                                                |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------- |
| **Discover AM's audit logging service**AM auditing service provides a rich set of features to help you capture events that are critical for system security, troubleshooting, and regulatory compliance.            | See [Audit logging service](audit-logs.html).            |
| **Configure AM to log audit events**Decide how to implement your audit login service, either globally or by realm, and configure audit login handlers to store audit events into files, databases, or other stores. | See [Implement audit logging](implementing-audit.html).  |
| **Audit log reference**Check the format of the files, the names of the events, and more.                                                                                                                            | See [Audit logging reference](sec-maint-audit-ref.html). |