Logging layouts for forensics
javabeanz edited this page Feb 23, 2018 · 3 revisions
The security logging framework supports 2 well-known logging formats: syslog and CEF.
May 11 10:40:48 scrooge disk-health-nurse[26783]: [ID 702911 user.error] m:SY-mon-full-500 c:H : partition health measures for /var did not suffice - still using 96% of partition space
Use Log4j2 SyslogAppender or QOS SyslogAppender
May 18 11:07:22 dsmhost CEF:0|Secure Company|Security Manager|5.4|600|Administrator Signed In|4|suser=Master
Specify CEFLoggingLayout as the layout for your logger.
NOTE: this feature is only available for logback, not yet for log4j.
For more audit and forensic logging, see https://docs.pingidentity.com/bundle/pf_sm_managePingfederateLogs_pf83/page/concept/securityAuditLogging.html