Exporting Events from Keycloak for User and Access Auditing
Exporting All Events:
-
Navigate to
<manta_dir>/keycloak/bin
-
Run
./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>
-
Enter your
admin_user
's password -
Run
./kcadm.sh get realms/manta/events >> events_export.json
- This command will export the events and write to a a file named
events_export.json
in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to.
- This command will export the events and write to a a file named
Exporting User Login Events Only:
-
Navigate to
<manta_dir>/keycloak/bin
-
Run
./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>
-
Enter your
admin_user
's password -
Run
./kcadm.sh get realms/manta/events | jq '.[] | select(.type == "LOGIN")' >> user_logins_export.json
-
This command will export the user login events and write to a a file named
user_logins_export.json
in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to. -
You can update the command and replace “LOGIN” with the desired “type” you are wanting to export.
- Ex: CODE_TO_TOKEN, LOGIN, CLIENT_LOGIN
-
Exporting a List of Registered Users:
-
Navigate to
<manta_dir>/keycloak/bin
-
Run
./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>
-
Enter your
admin_user
's password -
Run
./kcadm.sh get realms/manta/users >> user_list_export.json
- This command will export a list of users and write this list to a file named
user_list_export.json
in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to.
- This command will export a list of users and write this list to a file named