Activity
This section shows an overview of the full audit log for the Onegini Authorization Server. The most recent events are shown first.
The events section is available for users with the admin role or the operator role assigned. The events section provides access to events that are generated by the Token Server engine as well as the admin console itself. An overview of event types is included in the Token server events section of the Onegini Token Server.
Filter events
Events can be filtered on several properties. The values are case sensitive.
- Start and/or end date. Both days (dd-MM-yyyy) and date times (dd-MM-yyyy HH:mm) are allowed for this filter.
- User ID: unique identifier of a user.
- Transaction ID: unique identifier of a transaction.
- OAuth Client ID: the client ID given to an OAuth client or application.
- Event Type: The different events that are triggered in the Token Server due to user action (e.g. consent given or access token issued).
- Exclude Access token validations: this event type appears in the audit log when the resource gateway validates the Access token from the client. Check this checkbox to search for the other events that appear less frequently.
Most values are abbreviated to fit onto the screen. Hover over the value with the mouse to reveal more detailed information.
| Column name | Description |
|---|---|
| Date | The date and time of the event that was triggered. |
| Event | The event type that was triggered. Event types are described in the Token server events section. |
| Transaction ID | The name of the header that contains a transaction id. This transaction id will be included in the audit events and requests sent to external systems. When the specified header is not available in the request, a transaction id will be generated by the application prefixed with "ONEGINI-". Note: The network gateway, for example WebSEAL, should strip the configured header name from any incoming request to prevent malicious input via this header. This header serves strictly the purpose of enabling a SIEM solution to create a transactional view of the communication flow between systems. |
| Client | The identifier of the OAuth client that triggered the event. |
| User | The end user that triggered the event. |
| Admin | The admin console user that triggered the event |
| Client IP | The IP address of the client that triggered the event. |
| User Agent | The software agent that is acting on behalf of the user. E.g. a specific internet browser version. |
| Details | Additional remarks about the event. |
