Configure Event Logging for a Claims-Aware Application

  • Article

Applies To: Windows Server 2008

Use the following procedure to specify the level of events that you want to be logged for claims-aware applications in the Application event log on the Web server that is protected by Active Directory Federation Services (AD FS).You set event logging for claims-aware applications in the web.config file for the application.

You can apply the following event logging settings in the web.config file:

  • Error: An alert that provides information about a significant problem of which the user should be aware, usually involving a loss of functionality or data.

  • Warning: An alert that indicates a problem that is not immediately significant but that may signify conditions that could cause future issues.

  • Info: An alert that provides information about a significant, successful operation.

  • SuccessAudit: A security event that occurs when an audited access attempt succeeds, for example, a successful logon attempt.

  • FailureAudit: A security event that occurs when an audited access attempt fails, for example, a failed attempt to open a file.

  • DetailedSuccess: A success audit event that provides detailed information about each token that is involved in the transaction, including claims information.

  • DetailedFailure: A failure audit event that provides detailed information about each token that is involved in the transaction, including claims information.

  • Everything: Enables all logging levels.

To complete this procedure, you must have Read-Write access to the web.config file.

To configure event logging for a claims-aware application

  1. In Notepad, open the web.config file in the directory that stores the claims-aware application.

  2. Search the file for <websso>.

  3. Add or change the <auditlevel> entry under <websso>, as follows:

    <auditlevel>Value</auditlevel>

    Where Value is one of the following or the combined values of two or more:

    • Error = 1

    • Warning = 2

    • Info = 4

    • SuccessAudit = 16

    • FailureAudit = 32

    • DetailedSuccess = 64

    • DetailedFailure = 128

    • Everything = 247

  4. Save and close the web.config file.