When running Keycloak it can be useful to log events like a login or logout event using the jboss-logging
event listener. This is a built-in event listener that will use JBoss logging to log events. For example we can configure our JBoss logging to log to the standard output streams and when we run Keycloak we can see in the console output details about events when they happen. The event listener jboss-logging
is enabled by default for a realm. We can check it from the Events Config page where it is listed in the Event Listeners field.
By default the log level of error events is set to warn and for successful events to log level debug. If we want to change the log level we can use two configuration properties to achieve this:
spi-events-listener-jboss-logging-success-level
to set the log level for events that are a success. The default value isdebug
, but we can change it to for exampleinfo
. Valid values for the log levels arefatal
,error
,warn
,info
,debug
andtrace
.spi-events-listener-jboss-logging-error-level
to set the log level for events that went wrong. The default value iswarn
. We can any of the valid log level values here as well.
To pass the configuration property with a value to Keycloak we can use the command-line version where we for prefix the property with two dashes (--
). For example:
$ kc.sh start \ --spi-events-listener-jboss-logging-success-level=info \ --spi-events-listener-jboss-logging-error-level=error
Or we can use the environment variables KC_SPI_EVENTS_LISTENER_JBOSS_LOGGING_SUCCESS_LEVEL
and KC_SPI_EVENTS_LISTENER_JBOSS_LOGGING_ERROR_LEVEL
and given them the correct log level values. In the following example we use the environment variables:
$ KC_SPI_EVENTS_LISTENER_JBOSS_LOGGING_SUCCESS_LEVEL=info \ KC_SPI_EVENTS_LISTENER_JBOSS_LOGGING_ERROR_LEVEL=error \ kc.sh start
Written with Keycloak 18.0.2.