This chapter describes OpenAM audit log files:
Audit logs record information about OpenAM events. You can adjust the amount of detail in the administrative logs under Configuration > System > Logging.
- amAuthentication.access
-
Contains log data for when users log into and out of OpenAM, including failed authentications
- amAuthentication.error
-
Contains log data about errors encountered when users login and out of OpenAM
- amConsole.access
-
Contains data about actions run as the administrator in the console, including changes to realms and policies
- amConsole.error
-
Contains data on errors encountered during administrator sessions
- amPasswordReset.access
-
Contains data about password resets
- amPolicy.access
-
Contains data about authorization actions permitted by policies, including policy creation, removal, or modification
- amPolicy.error
-
Contains data on errors encountered during actions related to the policy
- amPolicyDelegation.access
-
Contains data about actions as part of the policy delegation, including any changes to the delegation
- amRemotePolicy.access
-
Contains data about policies accessed remotely
- amRest.access
-
Contains data about access to REST endpoints
- amRest.authz
-
Contains data about authorizations to access REST endpoints
- amSSO.access
-
Contains data about user sessions, including times of access, session time outs, session creation, and session termination for stateful sessions; contains data about session creation and session termination for stateless sessions
- CoreToken.access
-
Contains data about actions run against the core token
- CoreToken.error
-
Contains data on errors encountered regarding the core token
- COT.access
-
Contains data about the circle of trust
- COT.error
-
Contains data on errors encountered for the circle of trust
- Entitlement.access
-
Contains data about entitlement actions or changes
- IDFF.access
-
Contains data about federation actions, including the creation of authentication domains or the hosted providers
- IDFF.error
-
Contains data on errors encountered during federation actions
- Liberty.access
-
Contains data about actions run for the federation Liberty schema
- Liberty.error
-
Contains data on errors encountered for the federation Liberty schema
- OAuth2Provider.access
-
Contains data about actions for the OAuth 2.0 provider
- OAuth2Provider.error
-
Contains data about errors encountered by the OAuth 2.0 provider
- SAML2.access
-
Contains data about SAML 2 actions, including changes to assertions, artifacts, response, and requests
- SAML2.error
-
Contains data about errors encountered during SAML 2 actions
- SAML.access
-
Contains data about SAML actions, including changes to assertions, artifacts, response, and requests
- SAML.error
-
Contains data about errors encountered during SAML actions
- ssoadm.access
-
Contains data about actions completed for SSO as admin
- WebServicesSecurity.access
-
Contains data about activity for Web Services Security
- WebServicesSecurity.error
-
Contains data on errors encountered by Web Services Security
- WSFederation.access
-
Contains data about activity for WS Federation, including changes and access information
- WSFederation.error
-
Contains data on errors encountered during WS Federation