This section contains all the audit events logged by Access Manager Appliance. Each event contains the following details:
EventID
Description
Originator Title
Target Title
Subtarget Title
Text1 Title
Text2 Title
Text3 Title
Value1 Title
Value1 Type
Group Title
Data Length
Data Type values stored.
Each field contains a single character token (such as B, U, Y, and so on) that represent the data fields of the audit event, with each letter representing a different data field. The mapping of the character tokens to data fields is found in the nids_en.lsc file.
Audit events are device-specific. You can select events for the following devices:
Administration Console: In Administration Console Dashboard, click Auditing.
Identity Server: Click Devices > Identity Servers > Edit > Auditing and > Logging.
Access Gateway: Click Devices > Access Gateways > Edit > Auditing.
Section 33.1, JavaScript Object Notation (JSON) Event Format
Section 33.5, NIDS: Received a Defederate Request (002e0004)
Section 33.7, NIDS: Received a Register Name Request (002e0006)
Section 33.8, NIDS: Logged Out an Authentication that Was Provided to a Remote Consumer (002e0007)
Section 33.9, NIDS: Logged out a Local Authentication (002e0008)
Section 33.10, NIDS: Provided an Authentication to a Remote Consumer (002e0009)
Section 33.11, NIDS: User Session Was Authenticated (002e000a)
Section 33.12, NIDS: Failed to Provide an Authentication to a Remote Consumer (002e000b)
Section 33.13, NIDS: User Session Authentication Failed (002e000c)
Section 33.14, NIDS: Received an Attribute Query Request (002e000d)
Section 33.16, NIDS: Failed to Provision a User Account (002e000f)
Section 33.19, NIDS: Connection to User Store Replica Lost (002e0012)
Section 33.20, NIDS: Connection to User Store Replica Reestablished (002e0013)
Section 33.30, NIDS: Web service Request was authenticated (002e001D)
Section 33.31, NIDS: Web service Request for authentication Failed (002e001E)
Section 33.32, NIDS: OAuth2 Authorization code issued (002e0028)
Section 33.34, NIDS: OAuth2 Authorization code issue failed (002e0030)
Section 33.39, NIDS: OAuth2 refresh token issue failed (002e0035)
Section 33.40, NIDS: OAuth2 client has been registered successfully (002e0036)
Section 33.41, NIDS: OAuth2 client has been modified successfully (002e0037)
Section 33.42, NIDS: OAuth2 client has been deleted successfully (002e0038)
Section 33.43, NIDS: OAuth2 user has provided consent (002e0039)
Section 33.44, NIDS: OAuth2 user has revoked consent (002e0040)
Section 33.45, NIDS: OAuth2 token validation success (002e0041)
Section 33.46, NIDS: OAuth2 token validation failed (002e0042)
Section 33.47, NIDS: OAuth2 client registration failed (002e0043)
Section 33.48, NIDS: OAuth2 refresh token revoked success (002e0055)
Section 33.49, NIDS: OAuth2 refresh token revocation failed (002e0056)
Section 33.50, NIDS: OAuth2 Authorization none issued (002e0057)
Section 33.51, NIDS: OAuth2 AA Authorization Code Exchange (002e0071)
Section 33.52, NIDS: OAuth2 AA Access Token Exchange (002e0072)
Section 33.55, NIDS: Risk-Based Authentication Action for User (002e0045)
Section 33.56, NIDS: Risk-Based Authentication Action for User (002e0046)
Section 33.57, NIDS: Risk-Based Authentication Action for User (002e0047)
Section 33.58, NIDS: Token was Issued to Web Service (002E001F)
Section 33.59, NIDS: Issued a Federation Assertion (002E0102)
Section 33.60, NIDS: Received a Federation Assertion (002E0103)
Section 33.64, Roles Assignment Policy Evaluation (002e0320)
Section 33.65, Access Gateway: Authorization Policy Evaluation (002e0321)
Section 33.66, Access Gateway: Form Fill Policy Evaluation (002e0322)
Section 33.67, Access Gateway: Identity Injection Policy Evaluation (002e0323)
Section 33.72, Access Gateway: Identity Injection Parameters (0x002e050c)
Section 33.73, Access Gateway: Identity Injection Failed (0x002e050d)
Section 33.74, Access Gateway: Form Fill Authentication (0x002e050e)
Section 33.75, Access Gateway: Form Fill Authentication Failed (0x002e050f)
Section 33.77, Access Gateway: IP Access Attempted (0x002e0513)
Section 33.79, Access Gateway: All WebServers for a Service is Down (0x002e0516)
Section 33.80, Access Gateway: Application Accessed (002E0514)
Section 33.82, Management Communication Channel: Health Change (0x002e0601)
Section 33.83, Management Communication Channel: Device Imported (0x002e0602)
Section 33.84, Management Communication Channel: Device Deleted (0x002e0603)
Section 33.85, Management Communication Channel: Device Configuration Changed (0x002e0604)
Section 33.86, Management Communication Channel: Device Alert (0x002e0605)
Section 33.87, Management Communication Channel: Statistics (002e0606)
Section 33.88, Risk-Based Authentication Successful (002e0025)
Section 33.90, Risk-Based Authentication for User (002e0027)
Section 33.92, Impersonation: Impersonator Logs Out (002E0049)
Section 33.94, Impersonation: Impersonatee Denies (002E0051)
Section 33.95, Impersonation: Impersonatee Approves (002E0052)
Section 33.96, Impersonation: Impersonator Cancels (002E0053)
Section 33.97, Impersonation: Authorization Policy Fails (002E0054)