Runtime APIs audit log
PingFederate records actions performed through the OAuth Client Management Service, the OAuth Access Grant Management Service, and the Session Revocation API in the <pf_install>/pingfederate/log/runtime-api.log file.
While the events are not configurable, Log4j 2 configuration settings in the <pf_install>/pingfederate/server/default/conf/log4j2.xml file can be adjusted to deliver the desired level of detail surrounding each event.
Each log entry contains information relating to the event, including:
-
Time the event occurred on the PingFederate server
-
Administrator username performing the action
-
Authentication method
-
Client IP
-
HTTP method
-
REST endpoint
-
HTTP status code
Each of these fields is separated by a vertical pipe (\|) for ease of parsing.