OpenIDM Integrator's Guide
Chapter 16. Using Audit Logs

Access Log Fields

Access messages are split into the following fields.

"_id"

UUID for the message object, such as "0419d364-1b3d-4e4f-b769-555c3ca098b0"

"action"

Action requested, such as "authenticate"

"ip"

IP address of the client. For access from the local host, this can appear for example as "0:0:0:0:0:0:0:1%0".

"principal"

Principal requesting the operation, such as "openidm-admin"

"roles"

Roles associated with the principal, such as "[openidm-admin, openidm-authorized]"

"status"

Result of the operation, such as "SUCCESS"

"timestamp"

Time when OpenIDM logged the message, in UTC format, for example "2012-11-18T08:48:00.160Z"

Activity Log Fields

Activity messages are split into the following fields.

"_id"

UUID for the message object, such as "0419d364-1b3d-4e4f-b769-555c3ca098b0"

"action"

Action performed, such as "create". See the section on Event Types for a list.

"activityId"

UUID for the activity corresponding to the UUID of the resource context

"after"

JSON representation of the object resulting from the activity

"before"

JSON representation of the object prior to the activity

"message"

Human readable text about the activity

"objectId"

Object identifier such as "managed/user/DDOE1"

"parentActionId"

UUID of the action leading to the activity

"requester"

Principal requesting the operation

"rev"

Object revision number

"rootActionId"

UUID of the root cause for the activity. This matches a corresponding "rootActionId" in a reconciliation message.

"status"

Result of the operation, such as "SUCCESS"

"timestamp"

Time when OpenIDM logged the message, in UTC format, for example "2012-11-18T08:48:00.160Z"

Reconciliation Log Fields

Reconciliation messages are split into the following fields.

"_id"

UUID for the message object, such as "0419d364-1b3d-4e4f-b769-555c3ca098b0"

"action"

Synchronization action, such as "CREATE". See the section on Actions for a list.

"ambiguousTargetObjectIds"

When the situation is AMBIGUOUS or UNQUALIFIED and OpenIDM cannot distinguish between more than one target object, OpenIDM logs the identifiers of the objects in this field in comma-separated format. This makes it possible to figure out what was ambiguous afterwards.

"entryType"

Kind of reconciliation log entry, such as "start", or "summary".

"message"

Human readable text about the reconciliation action

"reconciling"

What OpenIDM is reconciling, "source" for the first phase, "target" for the second phase

"reconId"

UUID for the reconciliation operation, which is the same for all entries pertaining to the reconciliation run.

"rootActionId"

UUID of the root cause for the activity. This matches a corresponding "rootActionId" in an activity message.

"situation"

The situation encountered. See the section describing synchronization situations for a list.

"sourceObjectId"

UUID for the source object.

"status"

Result of the operation, such as "SUCCESS"

"targetObjectId"

UUID for the target object

"timestamp"

Time when OpenIDM logged the message, in UTC format, for example "2012-11-18T08:48:00.160Z"