---
title: Get audit and debug logs
description: PingOne Advanced Identity Cloud provides audit and debug logs to help you manage your tenant:
component: pingoneaic
page_id: pingoneaic:tenants:audit-debug-logs
canonical_url: https://docs.pingidentity.com/pingoneaic/tenants/audit-debug-logs.html
keywords: ["Monitoring", "Tenants", "Troubleshooting"]
page_aliases: ["pingoneaic::tenant-audit-logs.adoc", "tenants:audit-logs.adoc"]
---

# Get audit and debug logs

PingOne Advanced Identity Cloud provides audit and debug logs to help you manage your tenant:

* Use audit logs to investigate user and system behavior.

* Use debug logs to investigate any issues that can arise in production.

You can access logs using one of the following methods:

* **Direct log access using REST API**: Retrieve log events directly from the `/monitoring/logs` REST API endpoint. With this method, you access each of your tenant environments individually and use REST API filters to refine log results. Learn more in [Retrieve log entries using REST API](audit-debug-logs-pull.html).

* **External monitoring tool using log streaming**: Use the `/environment/telemetry/*` REST API endpoints to configure each of your tenant environments to steam logs to an external monitoring tool or Security Information and Event Management (SIEM) for real-time security monitoring and error detection. This method lets you access a single external tool and use its interface to refine log results. You can integrate with Splunk or an OpenTelemetry-compatible SIEM such as Grafana Cloud, Datadog, or New Relic. Learn more in [Stream logs to an external monitoring tool](audit-debug-logs-push.html).

* **Advanced Identity Cloud admin console**: Monitor log entries in the admin console. This [beta](../product-information/release-lifecycle.html#beta) feature is limited to development and sandbox\[[1](#_footnotedef_1 "View footnote.")] environments. Learn more in [Monitor log entries in the admin console](audit-debug-logs-monitoring.html).

Advanced Identity Cloud stores logs in various [log sources](audit-debug-log-sources.html). When you retrieve or stream logs, you'll need to specify which sources you're interested in.

Advanced Identity Cloud stores logs for 30 days.

***

[1](#_footnoteref_1). A [sandbox environment](environments-sandbox.html) is an [add-on capability](../product-information/add-on-capabilities.html).