This application takes advantage of the Writing audit log for Splunk and Outbound provisioning audit logging, which can be enabled in log4j2.xml file.

Examples of Splunk dashboards

To help you review different events, the following dashboards are available from the top-level menu of the PingFederate app for Splunk:
  • Account Manager
  • Identity Provider
  • Service Provider
  • OAuth Server
Screenshot of the Splunk Dashboard header showing the Account Management, Identity Provider, Service Provider and OAuth Server sub-menus.

Click a menu item to view its sub-menus, as the following example shows for OAuth Server.

Screenshot showing the OAuth Server sub-menu expanded displaying options for Client Request, Token Validation and Dynamic Client Registration.

The following image shows the Identity Provider Access sub-menu dashboard with examples from the security audit log entries.

Screenshot showing the Identity Provider Access sub-menu dashboard with example security audit log entries.

After you select a sub-menu, an image like the following OAuth Server Client Request example is displayed while the dashboard waits for the search results.

Screenshot of the OAuth Server Client Request dashboard with the different sections waiting for search results.

After you click Submit, the dashboard displays the following search results for the client request.

Screenshot of the Client Request dashboard with the search results displayed.

To view additional results, scroll downward or select another page. The following Client Request page provides an example.

Screenshot of the Client Request page displaying additional results.

The following images provide additional examples of the Service Provider Access sub-menu dashboard.

Screenshot of the Server Provider Access sub-menu dashboard.
Screenshot of the Server Provider Access dashboard showing additional results.