Update the PingAccess logging file to log iovation events.
This procedure modifies the existing <PA_HOME>/conf/log4j2.xml file to log communications with iovation to a new log file. In a clustered environment, you must perform this procedure on every node.
- Edit the <PA_HOME>/conf/log4j2.xml file.
-
Locate the Appenders section and add a section to create the new log
file.
<RollingFile name="Iovation-File" fileName="${sys:pa.home}/log/pingaccess_iovation_audit.log" filePattern="${sys:pa.home}/log/pingaccess_iovation_audit.%d{yyyy-MM-dd}.log" ignoreExceptions="false"> <PatternLayout> <pattern>%d{ISO8601}| %X{exchangeId}| %X{IOVATION_AUDIT.trackingNumber} | %X{IOVATION_AUDIT.deviceAlias} | %X{IOVATION_AUDIT.accountCode} | %X{IOVATION_AUDIT.result} | %X{IOVATION_AUDIT.reason} | %X{IOVATION_AUDIT.ruleName} | %X{IOVATION_AUDIT.iovationId} | %X{IOVATION_AUDIT.statedIp} %n</pattern> </PatternLayout> <Policies> <TimeBasedTriggeringPolicy/> </Policies> </RollingFile>
This example uses a log file name of <PA_HOME>/log/pingaccess_iovation_audit.log.
The following variables are used in this example.
Variable Definition %d
The transaction time. exchangeId
The ID for a specific request/response pair. IOVATION_AUDIT.trackingNumber
An iovation-assigned unique ID for the transaction that can be used to locate the transaction in searches and reports. IOVATION_AUDIT.deviceAlias
The iovation identifier for the requesting device. If no blackbox is present at the time of the iovation authorization request, a value of 0 is used. IOVATION_AUDIT.accountCode
The value of the accountCode
attribute for the transaction.IOVATION_AUDIT.result
The iovation risk check result. Valid values are: - A – Accept
- D – Deny
- R – Review
IOVATION_AUDIT.reason
The iovation admin-specified value corresponding to the iovation rule that contributed most to the result. IOVATION_AUDIT.ruleName
The name of the PingAccess rule responsible for this iovation Fraud check. IOVATION_AUDIT.iovationId
A unique ID provided by iovation for the request. IOVATION_AUDIT.statedIp
The IP address of the requesting client. This value is provided as the statedIp of the iovation Fraud API request. -
Locate the Loggers section and add an entry to enable logging.
<Logger name="iovationaudit" level="INFO" additivity="false"> <AppenderRef ref="Iovation-File"/> </Logger>
- Restart PingAccess.