[keycloak-dev] Audit finished

Stian Thorgersen stian at redhat.com
Tue Apr 8 08:08:15 EDT 2014


Audit has been added. Quick summary of what's provided:

* Audit Provider SPI, including implementations for JPA and Mongo (provider is configured with -Dkeycloak.audit=jpa or -Dkeycloak.audit=mongo)
* Audit Listener SPI, including implementation for jboss-logging
* Users can view events for their account through account management
* Admins can view events for realm through admin console
* Timer service that runs periodically to clear expired events (runs by default every 15 min, can be configured with -Dkeycloak.audit.expirationSchedule)

By default the JPA audit provider is used, but realms have audit disabled. To enable audit for a realm:

* Open the admin console
* Select the realm
* Click on Audit
* Click on Config
* Click on Enabled switch to enable
* If you want events to be removed after an expiration time, set expiration time

Now you can logout, login, update your users profile, etc, etc. to create some events to view ;)


More information about the keycloak-dev mailing list