Admin Events
Any action an admin performs within the admin console can be recorded for auditing purposes. The Admin Console performs administrative functions by invoking on the Keycloak REST interface. Keycloak audits these REST invocations. The resulting events can then be viewed in the Admin Console.
To enable auditing of Admin actions, go to the Events
left menu item and select the Config
tab.
In the Admin Events Settings
section, turn on the Save Events
switch.
The Include Representation
switch will include any JSON document that is sent through the admin REST API. This allows you to view exactly what an admin has done, but can lead to a lot of information stored in the
database. The Clear admin events
button allows you to wipe out the current information stored.
To view the admin events go to the Admin Events
tab.
If the Details
column has a Representation
box, you can click on that to view the JSON that was sent with that operation.
You can also filter for the events you are interested in by clicking the Filter
button.