Contact Us 1-800-596-4880
  1. Homepage
  2. Security
  3. Tokenization

  4. Tokenization Service Logs

Tokenization Service Logs

To determine traffic counts, use the tokenization summary message that is returned in Runtime Fabric logs. To retrieve the logs, configure log forwarding in Runtime Fabric.

The log tag entry is rtfTokenizationStatistics, and the stats are a JSON string. Logs are rendered every one minute at a forced log entry of RTC INFO level, which is not subject to log level settings.

Failure counts are incremented only for actual tokenization and de-tokenization failures. Other failures, such as protocol errors in the requests, do not count towards the failure statistics. An example of a failure is an unknown token string that can’t be de-tokenized.

Counts are cumulative from the start of each individual pod (replica) until its death.

Example tokenization summary message:

<logEntry>
<header>
<time>2018-11-12T14:55:00.009667</time>
<node>icvlab11401</node>
<logType>RTC_BASE_MGMT</logType>
<logLevel>INFO</logLevel>
<process>WorkflowTest</process>
<pid>16766</pid>
<tid>16775</tid>
<file>cbrsrc/cbrcore/src/rtc/embedded/wfp/WfpTokenizationStatistics.cpp</file>
<line>98</line>
</header>
<body><rtfTokenizationStatistics>{"tokenizationStatistics":{"node":"icvlab11401","timestamp":"2018-11-12T20:55:00.009Z","tokenizeSuccess":2,"deTokenizeSuccess":6,"tokenizedBytes":6,"deTokenizedBytes":32,"tokenizeFailure":2,"deTokenizeFailure":2,"tokenizeFailedBytes":5,"deTokenizeFailedBytes":0}}</rtfTokenizationStatistics></body>+
</logEntry>
{
 "tokenizationStatistics":{
   "node":"icvlab11401",
   "timestamp":"2018-11-12T20:55:00.009Z",
   "tokenizeSuccess":2,
   "deTokenizeSuccess":6,
   "tokenizedBytes":6,
   "deTokenizedBytes":32,
   "tokenizeFailure":2,
   "deTokenizeFailure":2,
   "tokenizeFailedBytes":5,
   "deTokenizeFailedBytes":0
 }
}

Tokenization Audit Logging

Audit logs are generated when a tokenization or detokenization request is initiated. To enable audit logs, select the Enable Audit Logs setting.

Audit logs contain:

  • Client IP address

  • Operation (tokenization or detokenization)

  • Format used

  • Timestamp

  • Correlation_id

  • Success or failure status

Example tokenization audit log:

<logEntry><header><time>2019-06-21T00:29:29.187995</time><node>defaulttokservice-tokenizer-55546c57f9-f8t7h</node><process>securityfabric-tokenizer-runtime</process><pid>34</pid><transId>657988989747200</transId></header><body><anypointSecurityTokenizationAuditing>{"client":"10.244.60.9","correlation_id": "bf4d3684-9ada-4931-9815-7c36ef98fdf4","operation": "detokenization", "details": [

{"format":"socialSecurityNumber","success":1,"failure":0}
]}</anypointSecurityTokenizationAuditing></body></logEntry>

For security reasons, neither the confidential data nor the token are logged.

See Also

Runtime Fabric documentation