Event logging

Users typically do not have access to the Safer Payments server. Safer Payments communicates its activities and status is generated through log messages.

In standard operations, these log messages are written to files where they can be viewed either directly using a text editor, by system tools, or Safer Payments itself.

Safer Payments contains a fully configurable event logging engine that supports three types of logging targets. The system and audit logs are Safer Payments logs. That is, Safer Payments has built-in viewer facilities to read these log messages.

System log
The system log informs about events relevant to technical operations of Safer Payments.
Audit log
The audit log traces relevant user activities.
Operating system logs
Operating system logs are sent to the operating system. In Linux®/Unix operating systems such as RHEL, Safer Payments feeds operating system log messages to the local syslogd as IRIS_n, where n is the ID of the Safer Payments instance, as defined by the command line parameter. Operating system logging is mandatory in PCI DSS compliant environments to facilitate centralized logging, and must be activated by selecting the Enable operating system logging checkbox in the system configuration.

Make sure that all PCI DSS relevant log messages are forwarded to centralized logging as described in Change log message settings.

Note: If you use an IBM® MQ or Kafka server to deliver data to Safer Payments, you must ensure that all relevant log messages are forwarded as well.