PhenixID

PSD1105 – Configure logging pre IM 5.4.0

Summary

This PhenixID Solution Document (PSD) is written for versions of PhenixID Identity Manager (IM) earlier than 5.4.0.
In IM 5.4.0 the log format is CEF; see PSD1135.

Configuration of logging (system or audit) in IM 5.0 is different from previous versions. This article describes how to configure logging in IM 5.0.

If you would like to send the log data to a database instead, please read PSD1109.

System Requirements

  • PhenixID Identity Manager 5.1.0 or later

Overview of logging in Identity Manager 5.x

There are two main things that are logged in IM.

  1. Audit log. Who logged in, when, and what was changed on which object? The default name of the audit log is audit.log.
  2. System log. Everything that IM logs as an application, for example startup and errors, is written to the system log. The default name of the system log is im.log.

Overview of Audit logging

To enable audit logging, set this policy:

Enable_Audit_Log=true

To set the audit level, set one of the policy values below for the degree of logging:

Audit_Level=Normal
Audit_Level=Detailed
Audit_Level=Detailed-History

Normal is the default.

Example of what is logged in Normal. (Who changed what?)

2018-11-22 11:35:48,986 [audit] INFO: [cn=ServletBasedEngineDN]ERROR Failed authentication for bclarke
2018-11-22 11:36:14,676 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]Logged in
2018-11-22 11:37:28,222 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]Updated object on object [CN=Johan Engman,DC=phenixid,DC=local]
2018-11-22 11:37:58,730 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]Created object: cn=SVC-AppAccount44,OU=ServiceAccounts,OU=Data,OU=PhenixID5Demo,DC=phenixid,DC=local on object [cn=SVC-AppAccount44,OU=ServiceAccounts,OU=Data,OU=PhenixID5Demo,DC=phenixid,DC=local]

Example of what is logged in Detailed. (Who changed what and to what value?)

2018-11-22 11:51:45,429 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]Logged in
2018-11-22 11:52:35,538 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]LDAPModification: (operation=replace,(LDAPAttribute: {type='title', value='Java Developer'})) on object [CN=Johan Engman,DC=phenixid,DC=local]

Example of what is logged in Detailed-History (Who changed what and to what value and from what value?)

2018-11-22 11:59:48,576 [audit]  INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]BEFORE UPDATE:  [Java Developer] on object [CN=Johan Engman,DC=phenixid,DC=local]
2018-11-22 11:59:48,576 [audit]  INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]LDAPModification: (operation=replace,(LDAPAttribute: {type='title', value='Marketing Director'})) on object [CN=Johan Engman,DC=phenixid,DC=local]
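
The audit lines above can be parsed for review or for forwarding to a SIEM. The following is an added example, not PhenixID code: a Python parser for the three audit levels shown, which also attaches each Detailed-History BEFORE UPDATE value to the modification that follows it. The regular expressions are inferred only from the sample lines on this page, and the function and field names are assumptions.

```python
import re
from datetime import datetime

# Patterns inferred from the sample audit lines on this page (an assumption, not a format spec)
LINE = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) \[audit\]\s+\w+: "
                  r"\[(?P<actor>[^\]]*)\](?P<msg>.*)$")
TARGET = re.compile(r"^(?P<body>.*) on object \[(?P<target>[^\]]*)\]$")
MOD = re.compile(r"operation=(?P<op>\w+),\(LDAPAttribute: "
                 r"\{type='(?P<attr>[^']*)', value='(?P<new>.*)'\}\)\)$")
BEFORE = re.compile(r"^BEFORE UPDATE:\s+\[(?P<old>.*)\]$")
FAILED = re.compile(r"^ERROR Failed authentication for (?P<user>\S+)$")

def parse_line(line):
    """Return one audit record as a dict, or None for non-audit lines."""
    m = LINE.match(line.rstrip("\r\n"))
    if not m:
        return None
    t = TARGET.match(m["msg"])  # optional trailing " on object [DN]"
    ev = {"time": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f"), "actor": m["actor"],
          "target": t["target"] if t else None, "message": t["body"] if t else m["msg"]}
    ev["kind"] = "login" if ev["message"] == "Logged in" else "other"
    for kind, rx in (("failed_auth", FAILED), ("modification", MOD), ("before", BEFORE)):
        hit = rx.search(ev["message"])
        if hit:
            ev.update(hit.groupdict(), kind=kind)
            break
    return ev

def parse_log(lines):
    """Parse lines; merge each BEFORE UPDATE record into the modification that follows it."""
    events, pending = [], None
    for ev in filter(None, map(parse_line, lines)):
        if ev["kind"] == "before":
            pending = ev  # hold until the matching modification arrives
            continue
        same = pending and all(pending[k] == ev[k] for k in ("time", "actor", "target"))
        if ev["kind"] == "modification" and same:
            ev["old"] = pending["old"]
        pending = None
        events.append(ev)
    return events

SAMPLE = [  # lines copied from the examples on this page
    "2018-11-22 11:35:48,986 [audit] INFO: [cn=ServletBasedEngineDN]ERROR Failed authentication for bclarke",
    "2018-11-22 11:36:14,676 [audit] INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]Logged in",
    "2018-11-22 11:59:48,576 [audit]  INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]BEFORE UPDATE:  [Java Developer] on object [CN=Johan Engman,DC=phenixid,DC=local]",
    "2018-11-22 11:59:48,576 [audit]  INFO: [CN=Bobby Clarke,OU=Demo,DC=phenixid,DC=local]LDAPModification: (operation=replace,(LDAPAttribute: {type='title', value='Marketing Director'})) on object [CN=Johan Engman,DC=phenixid,DC=local]",
]
```

Calling parse_log(SAMPLE) yields three events: a failed authentication for bclarke, a login, and one modification carrying both the old and the new title. Detailed and Detailed-History records contain attribute values, so treat audit.log and anything derived from it with the same access controls as the directory data itself.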

By default IM will log to file. If you would like to send the log data to a database instead, please read PSD1109.

Overview of System logging

Identity Manager writes its own application events to the system log, for example when it starts, connects to the LDAP server, or loads a custom control.

Managing the log-files?

Overview

In IM 5.0 we have separated the log-files for the IM application and Tomcat.

For your IM application there are two log-files, im.log and audit.log.

im.log : System log for your IM application
audit.log : User log in/log out, users changing objects

The log-files are stored by default at:
drive:\…\PhenixID\IM\customer\log

Change default log settings?

To change how and where logging works in IM 5.x, open log4j.xml at drive:\…\PhenixID\IM\customer\extension\class

After any changes to log4j.xml you need to restart the IM service.

Change file path of where the log-files are stored

Open log4j.xml.
You will find two appenders with file path parameters.

Default value for im.log at appender FILE:

C:\\Program Files\\PhenixID\\IM/customer/log/im.log

Change file path for audit.log at appender audit:

C:\\Program Files\\PhenixID\\IM/customer/log/audit.log

Change the log level for im.log

Open log4j.xml.
Look for these three sections:

<logger name="IM.se.nordicedge" >
<level value="INFO"/>
<appender-ref ref="FILE"/>
</logger>

<logger name="im.se.nordicedge" >
<level value="INFO"/>
<appender-ref ref="FILE"/>
</logger>

<logger name="com.phenixid" >
<level value="INFO"/>
<appender-ref ref="FILE"/>
</logger>

Change INFO to DEBUG in all three places to increase logging in im.log.

Change the log level for console

If you have started IM manually and would like to increase logging in the console window:

Open log4j.xml.

Look for this section:

<root>
<level value="INFO"/>
<appender-ref ref="CONSOLE"/>
</root>

Change INFO to DEBUG to increase logging for the console.

Log-files for Tomcat application

The log-files for the Tomcat application are stored in:

drive:\..\PhenixID\IM\server\logs


DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se