Implementation Guide › Implementation Overview › SiteMinder Components › Data Stores › SiteMinder Audit Database
SiteMinder Audit Database
(Optional) By default, the Policy Server writes audit events to a text file, which is known as the Policy Server log. The purpose of audit logs is to track information about all user activity, including:
- All successful authentications
- All failed authentications
- All successful authorization attempts
- All failed authorization attempts
- All administrative login attempts
- All administrative actions, such as changes to administrator passwords, the creation of policy store objects, and changes to policy store objects
However, you can configure a standalone SiteMinder audit database (audit database). When deciding where to store audit events, consider that:
- The Report Server requires a connection to an audit database to create auditbased reports. The Report Server cannot create auditbased reports from a Policy Server log written to a text file.
- Storing audit logs to a database is more secure than logging the information to a text file.
- If supported, a policy store can also function as an audit database.
Note: For more information about configuring an audit database, see the documentation roadmap.