Remember:

Before sharing any HAR data with a third-party application, carefully review the third-party application's permissions and sanitize any potentially sensitive information out of the log files.

  1. Download the jq command-line tool from https://stedolan.github.io/jq/download/.

    Select a jq version for the operating system that you deployed your PingAccess environment on.

    For more information on PingAccess operating system requirements, see System requirements.

  2. Create a file called pa-har-merge.jq. 
    {
log: {
  version: .[0].log.version,
  creator: .[0].log.creator,
  entries: (reduce .[] as $entry ([]; . + ($entry.log.entries | map(. + { _metadata: $entry.log._metadata }))))
  }
}

    For examples of how to parse the PingAccess HAR-formatted log files with pa-merge-har.jq, see the following commands. These examples assume that:

    • You've set PA_HOME and PA_HAR_MERGE_HOME as environment variables that define the base paths to the PingAccess instance and the pa-merge-har.jq file respectively.
    • You're attempting to parse the HAR-formatted API audit log file.

    To filter requests based on request URL, run the command:

    cat $PA_HOME/log/pingaccess_api_audit_har.log | jq -s -f $PA_HAR_MERGE_HOME/pa-har-merge.jq | jq '.log.entries = [ .log.entries[] | select(.request.url != "/pa-admin-api/v3/adminSessionInfo/checkOnly") ]

    To output the HAR-formatted log file into a file format that's usable with a standard HAR viewer, run the command:

    cat $PA_HOME/log/pingaccess_api_audit_har.log | jq -s -f $PA_HAR_MERGE_HOME/pa-har-merge.jq > log.har
    Note:

    View the output log.har file with a standard HAR viewer, such as browser dev tools or the HTTP Archive Viewer.