PhenixID

PSD1135 – Configure logging in IM

Summary

This PSD is written PhenixID Identity Manager (IM) 5.4.0 or later.

Overview of logging in earlier version than IM 5.4.0, please read PSD1105.

System Requirements

  • PhenixID Identity Manager 5.4.0 or later

Overview of logging in IM 5.4.x

When Identity Manager starts, by default three log-files are created:

  • im2.log (see description below)
  • audit.log (see description below)
  • im.log (IM will still support log4j version 1 for some time but eventually log4j version 1 support will be removed. there is one more log-file created and that is im.log.)

The logging behaviour for the files im2.log and audit.log can be changed if desired. This document will explain the log settings.

IM uses log4j 2 as logging API. (See documentation

Default log behaviour in IM is configured in the log4j2.xml file which is located by default in  /../PhenixID/IM/customer/extension/class.
By default most of the log-levels are set to info.

Log appenders

Log appenders describes how and where the logs will be written. There are different types of appenders available, for example console, file and syslog.

Log levels

INFO – The INFO level designates informational messages that highlight the progress of the application at coarse-grained level.

WARN – The WARN level designates potentially harmful situations.

ERROR – The ERROR level designates error events that might still allow the application to continue running.

DEBUG – The DEBUG Level designates fine-grained informational events that are most useful to debug an application.

TRACE – The TRACE Level designates finer-grained informational events than the DEBUG

IM2.log overview

The application log, im2.log contains system information used when troubleshooting.

The default behaviour is to roll the log file every day, as in the example below:

<RollingFile 
name="fileLogger"
fileName="${logPath}/im2.log"
filePattern="${logPath}/im2-%d{yyyy-MM-dd}.log">
<PatternLayout>
<pattern>
[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{-1} - %msg%n
</pattern>
</PatternLayout>
<Policies>
<TimeBasedTriggeringPolicy interval="1" modulate="true" />
</Policies>
</RollingFile>

To change the default behaviour, and instead roll the log depending on size, follow the example below:

<RollingFile
        name="fileLogger" 
fileName="${logPath}/im2.log"
filePattern="${logPath}/im2-%d{yyyy-MM-dd}.log"> <PatternLayout>
<pattern>
[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{-1} - %msg%n
</pattern>
</PatternLayout>
<Policies>         <TimeBasedTriggeringPolicy interval="1"/

<SizeBasedTriggeringPolicy size="5 MB"/> </Policies> <DefaultRolloverStrategy max="10"/> </RollingFile>

In this example each file will be 5MB and 10 files will be kept as backup.

audit.log overview

For information about audit.log. Please read PSD1136

Log-files for Tomcat application

The log-files for the Tomcat application are stored in:

drive:..PhenixID/IM/server/logs

This default location of the logs can be changed according to instructions below.
Be careful when doing these changes and make sure that service and logging works correctly after the change.

To modify the paths for Tomcat log files when using the service, change the settings below.
First go to drive:..PhenixID/IM/server/bin and double-click the file “PhenixIDIMw.exe”.
Then click the tab “Logging”, where changes can be made to the paths.
The location of “localhost_access_log” file needs to be set in drive:..PhenixID/IM/server/conf/server.xml.
Find the section with “AccessLogValve” and change the directory there.

If startup.bat is used, it will pick up log paths from drive:..PhenixID/IM/server/conf/logging.properties.

NOTE: Depending on permissions on the account starting the service, the new directories might need to be created manually.


DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se