Work completed:
* Added AuditListener SPI (https://github.com/keycloak/keycloak/blob/master/audit/api/src/main/java/...)
* Added JBoss Logging AuditListener implementation (this is used by default for all realms
atm)
* Added audit events for token service, social, account management and required actions
Remaining work:
* Add an AuditProvider SPI (extends AuditListener to add querying for events)
* Add implementations of AuditProvider - atm I'm thinking JPA and Mongo providers as
a sensible starting point (with an option to remove events after N days). I've
considered parsing logs, but I'm pretty sure that won't work for account
management (and will also be quite limiting for admin console)
* Allow configuring audit listeners/providers for a realm through admin console
* View events associated with user in account management
* View all events in admin console
* Audit events for admin
Related:
* AuditListener/Provider could be useful for brute force protection
* AuditListener could be used to allow applications to listen for user
creation/update/deletion to sync user details into a separate database / maybe we could
add a UserListener interface?