Overview

ForgeRock Identity Cloud provides audit and debug logs to help you manage your tenant. These logs are stored in Google Cloud Platform (GCP) and made available through a REST API.

While calling the REST API is great for a quick round of troubleshooting, importing log events into ELK has the advantage of making the logs available locally in a central location. Tools like Elasticsearch provide advanced query and visualization features that can significantly help with monitoring and troubleshooting tasks.

A community-provided ELK Docker stack for Identity Cloud is available on GitHub. The code and a comprehensive guide to installing and using this ELK Docker stack can be found here.

NOTE: The ELK stack (also known as the Elastic stack) comprises Elasticsearch, Kibana, Beats and Logstash.

Related topics

• Collect audit and debug logs
• What logging sources are available in Identity Cloud?
• How do I set up the ForgeRock Identity Cloud app for Splunk?