Using ELK with ForgeRock Identity Cloud logs


ForgeRock Identity Cloud provides audit and debug logs to help you manage your tenant. These logs are stored in Google Cloud Platform (GCP) and made available through a REST API.

While calling the REST API is great for a quick round of troubleshooting, importing log events into ELK has the advantage of making the logs available locally in a central location. Tools like Elasticsearch provide advanced query and visualization features that can significantly help with monitoring and troubleshooting tasks.

A community-provided ELK Docker stack for Identity Cloud is available on GitHub. The code and a comprehensive guide to installing and using this ELK Docker stack can be found here.

NOTE: The ELK stack (also known as the Elastic stack) comprises Elasticsearch, Kibana, Beats and Logstash.

Related topics