[keycloak-dev] Do we need a RDMS/Mongo backed Audit Log?
Bill Burke
bburke at redhat.com
Fri Mar 28 12:05:49 EDT 2014
If you look at things like fail2ban, they parse logs in order to make
decisions.
Do we really need our Audit Log to be backed by an actual database?
Yes, we need an "Event" or "Action" log that a user and/or admin sees of
things they need to be aware of. But logging of successful logins,
login failures, and the like should be pushed to a rolling log file, no?
Then Keycloak could hook into things like fail2ban.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list