Consumer Audit Logs

The LoginRadius Identity Platform provides a Consumer Audit Logs feature that enables real-time synchronization of actionable API logs with your Audit Management and SIEM tools (e.g., Sumologic, Splunk). This feature offers in-depth insights into API interactions—who accessed the system, when, and how—allowing organizations to monitor security, detect threats, and streamline compliance efforts.

Audit logs can be accessed in two ways:

1. Admin Console – Provides a basic view of logs with limited capabilities.
2. SIEM Integration – Offers detailed logging with advanced analytics and monitoring capabilities.

1. Real-time Monitoring & Alerts – Detect security threats and unauthorized access attempts instantly.
2. Troubleshooting & Debugging – Quickly diagnose and resolve issues affecting application performance.
3. Granular API Insights – Monitor API interactions at a detailed level.

1. Regulatory Compliance – Ensure adherence to ISO, HIPAA, GDPR, and other industry regulations.
2. Data Versioning & Tracking – Maintain a detailed audit trail for changes in user profiles.
3. Business Intelligence & Analytics – Leverage log data for user behavior insights and strategic decision-making.
4. Threat Monitoring – Set alerts for system stability, manage traffic, and prevent brute force attacks.
5. Incident Management – Detect abnormal behavior, identify bugs faster, and apply timely resolutions.

Consumer Audit Logs empower your team to monitor data across your network, trigger alerts on anomalies, and respond to potential security threats before they impact your business. Some examples of Threat Detection are as follows:

• DDoS Attack Prevention: Set up alerts for unexpected spikes in API requests to identify and mitigate potential DDoS attacks. Your DevOps team can block malicious IPs and prevent service disruptions.
• Brute Force Attack Detection: If there's a surge in failed login attempts from a specific IP, your team can flag and block the source to prevent unauthorized access attempts.
• Unauthorized Access Monitoring: An unusual increase in Account Deletion API requests could indicate a breach. Real-time monitoring enables swift intervention to protect user data.

• Detect 4xx errors for abnormal behavior.
• Identify bugs quicker and help to apply resolutions.
• Respond to critical issues before they impact your business.

• Track API actions for individual consumers.
• Maintain a historical view of consumer activities.
• Resolve compliance-related queries (GDPR, CCPA, HIPAA, etc.).
• Provide documentation for conflict resolution.

• Track API trends for specific events.
• Use insights to make informed business decisions.

Consumer Audit Logs can be configured in two ways:

Via Admin Console

• Available for basic log viewing with limited data points.
• Allows businesses to track key user activities.
• Logs are available for a defined retention period.
• Accessible by navigating to the Audit Logs section in the LoginRadius Admin Console.
• We have a UID search available to search the specific user’s log.

Via SIEM Integration

• Offers full log details, including API request metadata, user interactions, and security incidents.
• Supports integration with SIEM tools (e.g., Splunk, Sumologic, AWS CloudWatch) for enhanced monitoring.
• It provides the ability to automate threat detection and alerting.
• Requires LoginRadius team for configuration.

The following metadata is captured for each API call and provided in the Admin Console, while detailed logs will include everything about the API call, including the API end-point, status code, all the time stamps, etc.:

Column Name	Description
id	Unique audit log ID.
uid	LoginRadius Consumer ID.
operation	Type of API call.
category	Consumer action type.
type	Warning/error/info level.
message	API success/error message.
code	API response code.
extra_info	Additional API call details.
timestamp	Unix timestamp of API call.
request_path	API endpoint accessed.
useragent	Source User-Agent of the API call.
IP	IP address from API header.
host	Host from API header.
appname	Name of the application making the request.
method	HTTP method used (GET, POST, etc.).
module	Module associated with the API call.
sub_module	Sub-module within the API operation.
email	Consumer email associated with the request (if applicable).
workflow_name	Name of any workflow triggered by the action.
oidc_appname	OIDC application name (if applicable).

{
  "appname": "lrdemo2",
  "category": "access",
  "code": 403,
  "email": "[email protected]",
  "extra_info": null,
  "host": "api.loginradius.com",
  "id": "6374034da49sdf49f79080b11797a058",
  "ip": "43.198.4.171",
  "message": "{\"ErrorCode\":1228,\"Message\":\"Consent logs not available.\",\"Description\":\"Consent logs not available.\"}",
  "method": "GET",
  "module": "account",
  "oidc_appname": "",
  "operation": "get_consent_logs_by_uid",
  "request_path": "/identity/v2/manage/account/b6cf5e3ff8354d68aef41b407c908b97/consent/logs",
  "sub_module": "consent",
  "timestamp": 1739944885,
  "type": "warning",
  "uid": "b6cf5e3ff84d68aeghgf41b407c908b97",
  "useragent": "axios/1.7.4",
  "workflow_name": ""
}

The Consumer Audit Log supports integration with leading log management and security analytics platforms to enhance monitoring, compliance, and incident response.

• Logstash – An open-source log processor that collects, filters, and forwards audit logs to destinations like Elasticsearch. Ideal for real-time log transformation and enrichment.
• Sumo Logic – A cloud-native log analytics platform offering AI-driven threat detection, real-time monitoring, and compliance insights.
• Splunk – A powerful SIEM solution providing real-time search, anomaly detection, and forensic investigations for security and compliance.
• Devo – A high-speed, cloud-based logging platform with real-time indexing, security analytics, and scalable log retention.

These integrations enable efficient log ingestion, security visibility, and compliance tracking, ensuring robust audit log management. 🚀

For any customer Integration requirements, feel free to contact LoginRadius Support.

By leveraging Consumer Audit Logs, businesses can streamline incident resolution, improve user experience, and enhance system reliability.

• Audit Log Integration
• Security Overview
• Passwordless Login Overview