--- title: JSON File Based Access Log Publisher description: JSON File Based Access Log Publishers publish access messages to JSON files. component: pingds version: 8.1 page_id: pingds:configref:objects-json-file-access-log-publisher canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-json-file-access-log-publisher.html section_ids: parent: Parent dependencies: Dependencies json_file_based_access_log_publisher_properties: JSON File Based Access Log Publisher properties basic_properties: Basic properties enabled: enabled filtering-policy: filtering-policy log-controls: log-controls log-directory: log-directory log-field-blacklist: log-field-blacklist log-file-name-prefix: log-file-name-prefix log-file-permissions: log-file-permissions retention-policy: retention-policy rotation-policy: rotation-policy advanced_properties: Advanced properties exclude-values-of-attributes: exclude-values-of-attributes include-values-of-attributes: include-values-of-attributes java-class: java-class log-modified-attribute-values: log-modified-attribute-values suppress-internal-operations: suppress-internal-operations suppress-synchronization-operations: suppress-synchronization-operations --- # JSON File Based Access Log Publisher JSON File Based Access Log Publishers publish access messages to JSON files. ## Parent The JSON File Based Access Log Publisher object inherits from [Common Audit Access Log Publisher](objects-common-audit-access-log-publisher.html). ## Dependencies JSON File Based Access Log Publishers depend on the following objects: * [Log Retention Policy](objects-log-retention-policy.html) * [Log Rotation Policy](objects-log-rotation-policy.html) ## JSON File Based Access Log Publisher properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [enabled](#enabled) [filtering-policy](#filtering-policy) [log-controls](#log-controls) [log-directory](#log-directory) [log-field-blacklist](#log-field-blacklist) [log-file-name-prefix](#log-file-name-prefix) [log-file-permissions](#log-file-permissions) [retention-policy](#retention-policy) [rotation-policy](#rotation-policy) | [exclude-values-of-attributes](#exclude-values-of-attributes) [include-values-of-attributes](#include-values-of-attributes) [java-class](#java-class) [log-modified-attribute-values](#log-modified-attribute-values) [suppress-internal-operations](#suppress-internal-operations) [suppress-synchronization-operations](#suppress-synchronization-operations) | ### Basic properties Use the `--advanced` option to access advanced properties. ### enabled | | | | ----------------------- | ------------------------------------------------------- | | *Synopsis* | Indicates whether the Log Publisher is enabled for use. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### filtering-policy | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Specifies how filtering criteria should be applied to log records. | | *Default value* | no-filtering | | *Allowed values* | * exclusive: Records must not match any of the filtering criteria in order to be logged. * inclusive: Records must match at least one of the filtering criteria in order to be logged. * no-filtering: No filtering will be performed, and all records will be logged. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### log-controls | | | | ----------------------- | ------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies whether controls with criticality and values will be included in operation log records. | | *Default value* | true | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### log-directory | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The directory to use for the log files generated by the JSON File Based Access Log Publisher. The path to the directory is relative to the server root. | | *Default value* | logs | | *Allowed values* | A path to an existing file that is readable (and/or writeable) by the server. | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### log-field-blacklist | | | | ----------------------- | --------------------------------------------------------------------------------- | | *Synopsis* | List of fields that the server omits from access log messages. | | *Description* | Valid values for this property are JSON paths for fields present in the log file. | | *Default value* | No message elements are blacklisted by default | | *Allowed values* | A JSON path to an existing object of the access event definition. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### log-file-name-prefix | | | | ----------------------- | --------------------------------------------------------------------------------------- | | *Synopsis* | File name prefix (without extension) for CSV and JSON file based access log publishers. | | *Default value* | ldap-access | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | No | | *Read-only* | No | ### log-file-permissions | | | | ----------------------- | ------------------------------------------------------------------------------------------- | | *Synopsis* | The UNIX permissions of the log files created by this JSON File Based Access Log Publisher. | | *Default value* | 640 | | *Allowed values* | A valid UNIX mode string. The mode string must contain three digits between zero and six. | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### retention-policy | | | | ----------------------- | --------------------------------------------------------------------------------------------------- | | *Synopsis* | The retention policy to use for the JSON File Based Access Log Publisher. | | *Description* | When multiple policies are used, log files are cleaned when any of the policy's conditions are met. | | *Default value* | No retention policy is used and log files are never cleaned. | | *Allowed values* | The name of an existing [log-retention-policy](objects-log-retention-policy.html). | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### rotation-policy | | | | ----------------------- | ---------------------------------------------------------------------------------------- | | *Synopsis* | The rotation policy to use for the JSON File Based Access Log Publisher. | | *Description* | When multiple policies are used, rotation will occur if any policy's conditions are met. | | *Default value* | No rotation policy is used and log rotation will not occur. | | *Allowed values* | The name of an existing [log-rotation-policy](objects-log-rotation-policy.html). | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### exclude-values-of-attributes | | | | ----------------------- | -------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Attributes types targeted by a modify operation for which the modified values should be omitted from the access log. | | *Default value* | None | | *Allowed values* | The name of an attribute type defined in the LDAP schema. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### include-values-of-attributes | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Attributes types targeted by a modify operation for which the modified values should be included in the access log. | | *Default value* | None | | *Allowed values* | The name of an attribute type defined in the LDAP schema. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### java-class | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The fully-qualified name of the Java class that provides the JSON File Based Access Log Publisher implementation. | | *Default value* | org.opends.server.loggers.JsonFileAccessLogPublisher | | *Allowed values* | A Java class that extends or implements:- org.opends.server.loggers.LogPublisher | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### log-modified-attribute-values | | | | ----------------------- | -------------------------------------------------------------------------------- | | *Synopsis* | The access log contains the values of attributes targeted by a modify operation. | | *Default value* | false | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### suppress-internal-operations | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users. | | *Default value* | true | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### suppress-synchronization-operations | | | | ----------------------- | -------------------------------------------------------------------------------------------------------- | | *Synopsis* | Indicates whether access messages that are generated by synchronization operations should be suppressed. | | *Default value* | false | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No |