OpenAM – Audit Capabilities

This topic has 2 replies, 2 voices, and was last updated 7 years, 4 months ago by Manchanda, P.

  • Author
  • #4639
     Manchanda, P

    Respected Experts,

    I am trying to understand the auditing capabilities of the OpenAM, especially what all events or information OpenAM writes to its Audit Logs. The information that I am looking is on the lines say, Will OpenAM log failed login attempts for a user, Will OpenAM log the change password event.

    Is there a documentation that can help me understand the Audit capabilities of OpenAM.

    I have referred to Chapter 6 of docs that provides steps to configure Audit Logging. Also, Chapter 2, mentions the log file and log message details. I suppose the Administrative Log files are the ones that contains the Audit Logs. Please confirm.

    Administrative Log Files

    Administrative logs record information on OpenAM events. You can adjust the amount of detail in the administrative logs under Configuration > System > Logging.

    Thanks and Regards
    P Manchanda

     Craig McDonnell

    Hi Manchanda,

    The ‘administrative log files’ are indeed the audit logs described in Chapter 2 of the admin guide. By default, these log files are stored under ~/openam/openam/log and contain the messages detailed in chapter 2. To the best of my knowledge, chapter 2 is the best source of reference to learn what audit events are recorded.

    For example, authentication events have IDs starting with “AUTHENTICATION-” and session events have IDs starting with “SESSION-“. In particular, AUTHENTICATION-306 and AUTHENTICATION-307 will be of interest to you as they relate to password reset.


     Manchanda, P

    Thanks @Craig. Chapter 2 provides details about log message structure. I think it would be great to have a list of the events that are logged. This can be added to Chapter 6. This would help to understand the audit capabilities better.

    Thanks and Regards
    P Manchanda

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?