PingFederate records actions performed through the OAuth Client Management Service, the OAuth Access Grant Management Service, and the Session Revocation API in the <pf_install>/pingfederate/log/runtime-api.log file. While the events themselves are not configurable, Log4j 2 configuration settings (in the <pf_install>/pingfederate/server/default/conf/log4j2.xml file) may be adjusted to deliver the desired level of detail surrounding each event.

Each log entry contains information relating to the event, including:

  • Time the event occurred on the PingFederate server
  • Administrator username performing the action
  • Authentication method
  • Client IP
  • HTTP method
  • REST endpoint
  • HTTP status code

Each of the above fields is separated by a vertical pipe (|) for ease of parsing.