Common Audit

One Way to Log Them All

Legacy identity suites and niche components typically have their own unique way of logging data. This approach can be messy and lead to an incomplete picture of what’s happening in your environment.

The ForgeRock Identity Platform takes a different approach with a single common auditing framework. Extract and aggregate log data across the entire platform with common audit event handlers and unique IDs so that it can be tracked holistically rather than product by product. Open and extensible, you can leverage audit logging and reporting capabilities for integration with third-party systems including SIEM, email service providers, CRM systems, and marketing automation systems.

  • A single common auditing service across the platform.
  • Improves interoperability of systems that analyze and store audit data with pluggable audit event handlers.
  • Third-party SIEM and analytics tools including Splunk, ArcSight, FireEye, Palo Alto Networks, and Guardian Analytics can easily consume ForgeRock audit data for increased visibility.
  • Trace the entire lifecycle of users, devices, things, and service events for better security insight.
  • Give administrators a wider choice of back ends for logging audit information.
  • Includes audit event handlers for Splunk, JSON, CSV files, JDBC connections, JMS, Syslog, and Elasticsearch (part of the ELK stack).

Event Handlers

Find out in four minutes how the ForgeRock Identity Platform supports common audit event handlers for Elasticsearch and JMS