Outbound provisioning audit logging

The PingFederate provisioner-audit.log file records outbound provisioning transactions, intended to facilitate security auditing.

The provisioner-audit.log log file is located in the <pf_install>/pingfederate/log directory. Outbound provisioning audit log information can be output to different formats, including database and Splunk.

The following table describes all recorded elements. Optionally, you can configure elements by editing the <pf_install>/pingfederate/server/default/conf/log4j2.xml file.

Item Description

Item	Description
%d	Transaction time.
cycle_id	The unique ID for each provisioning cycle.
channel_id	The unique ID of the provisioning channel between source and target.
event_type	The type of provisioning events, such as CREATE and UPDATE.
source_id	The provisioning Source ID.
target_id	The provisioning Target ID.
is_success	A flag to show whether the event was successful or not. If the attempt succeeded, the value is `true`; otherwise, the value is `false`.
non_success_ cause	Description of failure cause.

Transaction time.

cycle_id

The unique ID for each provisioning cycle.

channel_id

The unique ID of the provisioning channel between source and target.

event_type

The type of provisioning events, such as CREATE and UPDATE.

source_id

The provisioning Source ID.

target_id

The provisioning Target ID.

is_success

A flag to show whether the event was successful or not. If the attempt succeeded, the value is true; otherwise, the value is false.

non_success_ cause

Description of failure cause.

Logging in other formats

PingFederate Server

Outbound provisioning audit logging

Related links