--- title: Outbound provisioning audit logging description: The PingFederate provisioner-audit.log file records outbound provisioning transactions, intended to facilitate security auditing. component: pingfederate version: 13.1 page_id: pingfederate:administrators_reference_guide:pf_outbound_provis_audit_loggin canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/pf_outbound_provis_audit_loggin.html llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md revdate: July 5, 2022 section_ids: related-links: Related links --- # Outbound provisioning audit logging The PingFederate `provisioner-audit.log` file records outbound provisioning transactions, intended to facilitate security auditing. The `provisioner-audit.log` log file is located in the `/pingfederate/log` directory. Outbound provisioning audit log information can be output to different formats, including database and Splunk. The following table describes all recorded elements. Optionally, you can configure elements by editing the `/pingfederate/server/default/conf/log4j2.xml` file. | Item | Description | | -------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | | %d | Transaction time. | | cycle\_id | The unique ID for each provisioning cycle. | | channel\_id | The unique ID of the provisioning channel between source and target. | | event\_type | The type of provisioning events, such as CREATE and UPDATE. | | source\_id | The provisioning Source ID. | | target\_id | The provisioning Target ID. | | is\_success | A flag to show whether the event was successful or not. If the attempt succeeded, the value is `true`; otherwise, the value is `false`. | | non\_success\_ cause | Description of failure cause. | ## Related links * [Logging in other formats](pf_loggin_other_format.html)