- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Supported OS
PingFederate is an enterprise-grade identity federation server that provides secure single sign-on (SSO), multi-factor authentication (MFA), and federated identity management across various applications and services.
This integration provides enrichment and visulization for admin and audit logs. It helps to visualize detailed insights into admin and audit log analysis using out-of-the-box dashboards.
To install the PingFederate integration, run the following Agent installation command and the steps below. For more information, see the Integration Management documentation.
Note: This step is not necessary for Agent version >= 7.54.0.
Linux command
sudo -u dd-agent -- datadog-agent integration install datadog-ping_federate==1.0.0
Collecting logs is disabled by default in the Datadog Agent. Enable it in the datadog.yaml
file with:
logs_enabled: true
Add this configuration block to your ping_federate.d/conf.yaml
file to start collecting your PingFederate logs:
logs:
- type: file
path: <pf_install>/pingfederate/log/admin.log
source: ping-federate
service: admin
- type: file
path: <pf_install>/pingfederate/log/audit.log
source: ping-federate
service: audit
NOTE: Make sure to address the below points.
Change the <pf_install>
to the location of your PingFederate installation.
The default path of PingFederate’s output would be /pingfederate/log
and filenames
would be admin.log
and audit.log
. If you have changed default path and filename then update the path
parameter in conf.yaml
accordingly.
Run the Agent’s status subcommand and look for ping-federate
under the Checks section.
The Ping Federate integration collects the following log types.
Format | Event Types |
---|---|
CEF | admin, audit |
Default log format:
<pattern>%d | %X{user} | %X{roles} | %X{ip} | %X{component} | %X{event} | %X{eventdetailid} | %m%n</pattern>
Default log format:
<pattern>%d| %X{trackingid}| %X{event}| %X{subject}| %X{ip} | %X{app}| %X{connectionid}| %X{protocol}| %X{host}| %X{role}| %X{status}| %X{adapterid}| %X{description}| %X{responsetime} %n</pattern>
Additional field log format:
<pattern>%d| %X{trackingid}| %X{event}| %X{subject}| %X{ip} | %X{app}| %X{connectionid}| %X{protocol}| %X{host}| %X{role}| %X{status}| %X{adapterid}| %X{description}| %X{responsetime}| %X{attrackingid}| %X{attributes}| %X{granttype}| %X{initiator}| %X{inmessagetype}| %X{inresponseto}| %X{localuserid}| %X{requestid}| %X{requeststarttime}| %X{responseid}| %X{stspluginid}| %X{targetsessionid}| %X{authenticationsourceid}| %X{validatorid}| %X{virtualserverid}| %X{connectionname}| %X{httprequestid}%n</pattern>
Note: Additional fields are supported only if they are configured in above sequence. Also, if any field is not configured, then integration will not support the additional fields.
The Ping Federate does not include any metrics.
The Ping Federate integration does not include any events.
The Ping Federate integration does not include any service checks.
If you see a Permission denied error while monitoring the log files, give the dd-agent
user read permission on them.
sudo chown -R dd-agent:dd-agent <pf_install>/pingfederate/log/admin.log
sudo chown -R dd-agent:dd-agent <pf_install>/pingfederate/log/audit.log
For any further assistance, contact Datadog support.