PingFederate Server

Outbound provisioning audit logging

The PingFederate provisioner-audit.log file records outbound provisioning transactions, intended to facilitate security auditing.

The provisioner-audit.log log file is located in the <pf_install>/pingfederate/log directory. Outbound provisioning audit log information can be output to different formats, including database and Splunk.

The following table describes all recorded elements. Optionally, you can configure elements by editing the <pf_install>/pingfederate/server/default/conf/log4j2.xml file.

Item Description

%d

Transaction time.

cycle_id

The unique ID for each provisioning cycle.

channel_id

The unique ID of the provisioning channel between source and target.

event_type

The type of provisioning events, such as CREATE and UPDATE.

source_id

The provisioning Source ID.

target_id

The provisioning Target ID.

is_success

A flag to show whether the event was successful or not. If the attempt succeeded, the value is true; otherwise, the value is false.

non_success_ cause

Description of failure cause.