This procedure modifies the existing <PA_HOME>/conf/log4j2.xml file to log communications with iovation to a new log file. In a clustered environment, you must perform this procedure on every node.

  1. Edit the <PA_HOME>/conf/log4j2.xml file.
  2. Locate the Appenders section and add a section to create the new log file.
    <RollingFile name="Iovation-File"
                         fileName="${sys:pa.home}/log/pingaccess_iovation_audit.log"
                         filePattern="${sys:pa.home}/log/pingaccess_iovation_audit.%d{yyyy-MM-dd}.log"
                         ignoreExceptions="false">
                <PatternLayout>
                    <pattern>%d{ISO8601}| %X{exchangeId}| %X{IOVATION_AUDIT.trackingNumber} | %X{IOVATION_AUDIT.deviceAlias} | %X{IOVATION_AUDIT.accountCode} | %X{IOVATION_AUDIT.result} | %X{IOVATION_AUDIT.reason} | %X{IOVATION_AUDIT.ruleName} | %X{IOVATION_AUDIT.iovationId} | %X{IOVATION_AUDIT.statedIp} %n</pattern>
                </PatternLayout>
                <Policies>
                    <TimeBasedTriggeringPolicy/>
                </Policies>
    </RollingFile>

    This example uses a log file name of <PA_HOME>/log/pingaccess_iovation_audit.log.

    The following variables are used in this example.

    Variable Definition
    %d The transaction time.
    exchangeId The ID for a specific request/response pair.
    IOVATION_AUDIT.trackingNumber An iovation-assigned unique ID for the transaction that can be used to locate the transaction in searches and reports.
    IOVATION_AUDIT.deviceAlias The iovation identifier for the requesting device. If no blackbox is present at the time of the iovation authorization request, a value of 0 is used.
    IOVATION_AUDIT.accountCode The value of the accountCode attribute for the transaction.
    IOVATION_AUDIT.result The iovation risk check result. Valid values are:
    • A – Accept
    • D – Deny
    • R – Review
    IOVATION_AUDIT.reason The iovation admin-specified value corresponding to the iovation rule that contributed most to the result.
    IOVATION_AUDIT.ruleName The name of the PingAccess rule responsible for this iovation Fraud check.
    IOVATION_AUDIT.iovationId A unique ID provided by iovation for the request.
    IOVATION_AUDIT.statedIp The IP address of the requesting client. This value is provided as the statedIp of the iovation Fraud API request.
  3. Locate the Loggers section and add an entry to enable logging.
    <Logger name="iovationaudit" level="INFO" additivity="false">
          <AppenderRef ref="Iovation-File"/>
    </Logger>
  4. Restart PingAccess.