Adding a custom security event
The Security Event Configuration landing page might not have all the events you want to monitor. However, you can define custom security events that are specific for your application in order to monitor them in the logs.
In the navigation panel, click.
Open the activity that processes the action or event you want to monitor.
Click Check out.
On the Steps tab do one of the following actions:
- If a Java step does not exist, click Add a step to insert a Java step where you want to log the event.
- If a Java step exists, click the Arrow icon to the left of the Method field to expand the Method Parameters section for the Java method.
In the Method Parameters section, enter the following call to the API:
tools.getSecEventLogger().logCustomEvent(PublicAPI tools, String eventType, String outcome, String message, Map<String, String> customFlds)with the following parameter values.
Add the call to the API at the end of the section if a Java step exists.
- eventType – Name of the event type to keep track of custom events
- outcome – The outcome of the event
- message – Any message that a user needs to log as part of the event
- customFlds – A map of key-value pairs that log extra information for the event
Click Save as.
- Security event configuration
The security event configuration feature is part of security information and event management (SIEM) that combines security information management (SIM) and security event management (SEM). Use the Security Event Configuration landing page to configure the logging of security events so that you can diagnose system issues and demonstrate compliance to auditors.
- Selecting a security event to monitor
To monitor and analyze security events, use the Security Event Configuration feature. You can select individual events to be automatically captured in logs for every user session.
A keystore is a file that contains keys and certificates that you use for encryption, authentication, and serving content over HTTPS. In Pega Platform, you create a keystore data instance that points to a keystore file.