Skip to Content
May 09 at 10:17 AM

Approuter not audit logging logout scenario.


we use approuter and when we logout it is not getting audit logged. how can we see audit log for a logout scenario ?

Two points to be mentioned.

  1. We use the AppRouter as a reverse proxy for URL delegation and auth handling with XSUAA.
  2. We don’t have any CF presence and deploy the AppRouter using it’s docker image to Kubernetes pods.

Problem Statement:-

We have configured a logout endpoint and when its triggered user gets logout successfully. The problem is it being a security event it’s not getting audit logged.

We can see the audit log when user gets authenticated and is logged in but not when it’s being logged out.

More Information:-

Part of our AppRouter xs-app.yaml file:-


"welcomeFile": "/cockpit/",

"sessionTimeout": 60,

"logout": {

"logoutEndpoint": "/logout",


"routes": [




"source": "/logout",

"destination": "luigi-core",




Sample AuditLog for login:


"message_uuid": "cac37832-07f2-****-8027-3186adac6323",

"time": "2023-05-09T07:30:54.674Z",

"tenant": "c01e293****************b1ad",

"org_id": "92f1da92***********64165af11c8",

"space_id": "92f1da92******************4165af11c8",

"app_or_service_id": "******************4165af11c8",

"als_service_id": "a8b9a836-******************-7e43b37f574d",

"user": ad******************,

"category": "",

"format_version": "",

"message": "{\"uuid\":\"cac37832-07f2-4704-8027-3186adac6323\",\"user\":\a******************\,\"time\":\"2023-05-09T07:30:54.674970Z\",\"ip\":\"\",\"data\":\"{\\\"level\\\":\\\"INFO\\\",\\\"origin\\\":null,\\\"msgNo\\\":1,\\\"msgId\\\":\\\"c0766ed9-f92c-491b-bf8d-2dd3670feab3\\\",\\\"message\\\":\\\"UserAuthenticationSuccess (ad******************'): principal=6351eff0-35cf-432a-9f02-46a3e4852a94, origin=[remoteAddress=1993.134.1141.4456, sessionId= ], identityZoneId=[c01e2935******************-a308-8aa9ac99b1ad]******************ad\",\"customDetails\":{}}"