PingFederate records actions performed through the OAuth Client Management Service, the OAuth Access Grant Management Service, and the Session Revocation API in the <pf_install>/pingfederate/log/runtime-api.log file.
While the events are not configurable, Log4j 2 configuration settings in the <pf_install>/pingfederate/server/default/conf/log4j2.xml file can be adjusted to deliver the desired level of detail surrounding each event.
Each log entry contains information relating to the event, including:
- Time the event occurred on the PingFederate server
- Administrator username performing the action
- Authentication method
- Client IP
- HTTP method
- REST endpoint
- HTTP status code
- HTTP request header
- TLS version
Note: The
<pf_install>/pingfederate/log/runtime-api.log
does not include the HTTP request header and TLS version values by default. You can
customize this log to include additional or less information by modifying the pattern
elements in the
log4j2.xml
file. For more information, see Log4j 2 logging service and configuration.Each of these fields is separated by a vertical pipe (|
) for ease of
parsing.