GitHubContribute in GitHub: Edit online

Exporting Events from Keycloak for User and Access Auditing

Exporting All Events:

  1. Navigate to <manta_dir>/keycloak/bin

  2. Run ./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>

  3. Enter your admin_user's password

  4. Run ./kcadm.sh get realms/manta/events >> events_export.json

    1. This command will export the events and write to a a file named events_export.json in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to.

Exporting User Login Events Only:

  1. Navigate to <manta_dir>/keycloak/bin

  2. Run ./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>

  3. Enter your admin_user's password

  4. Run ./kcadm.sh get realms/manta/events | jq '.[] | select(.type == "LOGIN")' >> user_logins_export.json

    1. This command will export the user login events and write to a a file named user_logins_export.json in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to.

    2. You can update the command and replace “LOGIN” with the desired “type” you are wanting to export.

      1. Ex: CODE_TO_TOKEN, LOGIN, CLIENT_LOGIN

Exporting a List of Registered Users:

  1. Navigate to <manta_dir>/keycloak/bin

  2. Run ./kcadm.sh config credentials --server http://localhost:<$PORT>/auth --realm master --user <admin_user>

  3. Enter your admin_user's password

  4. Run ./kcadm.sh get realms/manta/users >> user_list_export.json

    1. This command will export a list of users and write this list to a file named user_list_export.json in the same directory you ran the command from. You can specify the full path to the file you’d like it to write to.