[//]: # (werk v2)
# Dedicated security logging
key | value
---------- | ---
date | 2024-02-16T09:38:25+00:00
version | 2.3.0b1
class | feature
edition | cre
component | omd
level | 1
compatible | yes
To make it easier to detect certain security relevant events a dedicated security log is
introduced. You can find it in `var/log/security.log`.
The format of each line is:
1. The date and time the logentry was created (local time)
2. The security domain and the process id.
3. The message as json with a `summary` and `details` key. The contents of the `details`
vary by the domain.
Currently the following domains exist:
* `application_errors`: e.g if a CSRF token could not be found/validated
* `auth`: e.g. successful / unsuccessful authentication attempts. (Successful
authentication attempts without opening a session are currently not logged.)
* `service`: e.g. the start of a site
* `user_management`: e.g. change of a password
Please note that this logfile is still subject to change. Additional events might be added
and details may change with p-releases.