PingFederate Server

Logging, reporting, and troubleshooting

This section provides an overview of the available logging, reporting, and troubleshooting features for PingFederate.

PingFederate Logs

The server.log file represents the primary troubleshooting log. Along with an HTTP trace from the browser, which can be generated from a debugging application like Fiddler, this file is helpful for identifying issues that must be resolved. The following table identifies the available PingFederate logs and summarizes their purposes.

Name Purpose

admin.log

Records the actions that users of the Administrative Console perform.

admin-event-detail.log

If detailed event logging is enabled, this log records detailed information about each applicable administrative-console event that users of the Administrative Console perform.

admin-api.log

Records the actions that users of the administrative API perform.

runtime-api.log

Records the actions that API users perform by using the OAuth Client Management Service, the OAuth Access Grant Management Service, and the Session Revocation API.

transaction.log

Records individual identity-federation runtime transactions at specified levels of detail.

audit.log

Records a selected, configurable subset of transaction log information plus additional details. Intended for security-audit and regulatory-compliance purposes.

provisioner-audit.log

Records outbound provisioning events intended for security-audit purposes.

provisioner.log

Records provisioning activity only. Useful when troubleshooting issues that relate to provisioning.

server.log

Records PingFederate runtime and administrative server activities. For more information about the primary troubleshooting log, see Creating an error-only server log.

init.log

Records only Jetty messages that are generated prior to starting PingFederate.