1. Navigate to /IAM Suite/Identity Manager/tools/samples/Admin/user_console.war, and copy the sample logging.jsp file.
2. Navigate to /iam_im.ear/user_console.war and replace the existing logging.jsp with the sample logging.jsp file that you copied in step 1.

3. Open <JBOSS/WILDFLY_HOME>/standalone/deployments/iam_im.ear/user_console.war/WEB-INF/web.xml file for editing and add the following text after the last taglib tag.

<security-constraint>
     <web-resource-collection>
          <web-resource-name>IAMSecureAdminTooles</web-resource-name>
          <description>Security constraint for IAM Admin Tools</description>
          <url-pattern>/logging.jsp</url-pattern>
          <http-method>POST</http-method>
          <http-method>GET</http-method>
     </web-resource-collection>
     <auth-constraint>
          <description>only let the admin users use secured admin tools</description>
          <role-name>IAMAdmin</role-name>
     </auth-constraint>
     <user-data-constraint>
          <description>SSL not required</description>
          <transport-guarantee>NONE</transport-guarantee>
     </user-data-constraint>
</security-constraint>
<login-config>
     <auth-method>BASIC</auth-method>
     <realm-name>IAM Realm</realm-name>
</login-config>
<security-role>
     <description>The IAM Secure Admin Role</description>
     <role-name>IAMAdmin</role-name>
</security-role>

4. Modify <JBOSS/WILDFLY_HOME>/bin/standalone.conf file by appending the following

       -DLog4jContextSelector=org.apache.logging.log4j.core.selector.BasicContextSelector

    to JAVA_OPTS variable within the *start CA IAM FW changes* section

5. Restart IM

6. After IM is restarted, go to <JBOSS/WILDFLY_HOME>/bin and run add-user.sh and create JBoss application user, e.g. jbossappuser, set "IAMAdmin"  as the group.