Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Configuring logging
A json file is used for logging configuration (appsettings.json).
Configuration appsettings.json
File appsettings.json locates at:
- C:\inetpub\wwwroot\pam\component_name\appsettings.json - management server Windows.
- C:\Program Files\Indeed Identity\Indeed PAM\Gateway\ProxyApp\appsettings.json - access server Windows.
- /etc/indeed-identity/indeed-pam/component_name/appsettings.json - management or access server Linux.
Section NLog
Parameter variables - sets the value of a configuration variable.
Code Block "variables": { "minLevel": "Trace", "dbMinLevel": "Info" }
Note | ||
---|---|---|
| ||
The value of a variable can be inserted into an attribute value via the |
Each log entry has a level. And each logger is configured to include or ignore certain levels. A common configuration is to specify the minimum level where that level and higher levels are included. For example, if the minimum level is Info, then Info, Warn, Error and Fatal are logged, but Debug and Trace are ignored.
The log levels ordered by severity:
LogLevel | Ordinal | Severity |
Trace | 0 | Most verbose level. Used for development and seldom enabled in production. |
Debug | 1 | Debugging the application behavior from internal events of interest. |
Info | 2 | Information that highlights progress or application lifetime events. |
Warn | 3 | Warnings about validation issues or temporary failures that can be recovered. |
Error | 4 | Errors where functionality has failed or Exception have been caught. |
Fatal | 5 | Most critical level. Application is about to abort. |
The common configuration is to specify a minimum level in which this level and higher levels are included. For example, if the minimum level is Info, then Info, Warn, Error and Fatal are registered, but Debug and Trace are ignored.
- Section rules - controls how LogEvents from the Logger-objects are redirected to output targets.
Each type of log has its own name, which is not recommended to edit.
Code Block "Rules": { "03_Hangfire": { "logger": "Hangfire.*", "minLevel": "Info", "writeTo": "hangfireFile", "final": true }, "20_Errors": { "logger": "*", "minLevel": "Error", "writeTo": "errorsFile" }, "40_Commands": { "logger": "Idp.Application.*Command", "minLevel": "${minLevel}", "writeTo": "commandsFile", "Enabled": false }, }
For each type of log, you can specify the following tags:
- logger — logger name — this is usually the name of the element associated with the log line in the code (class name). May contain wildcard characters (* and ?). Thus, the rule name '*' corresponds to any logger name, and 'Common*' corresponds to all loggers whose names begin with 'Common'. It is not recommended to edit this parameter.
- LogLevel — logging levels, it is possible to specify several levels at once:
- minlevel — minimum level to log.
- maxlevel — maximum level to log.
- level — single level to log.
- levels — comma separated list of levels to log.
- writeTo — comma separated list of targets to write to.
- final — no rules are processed after a final rule matches.
- enabled — set to false to disable the rule without deleting it.
- parameter targets – defines log targets/outputs (optional parameter)
- parameter extensions – loads NLog extensions from the *.dll file (optional parameter)
- parameter include – includes external configuration file (optional parameter)
Configuring Log.json file
Each component that records logs has a file NLog.json, which specifies where and how logs will be recorded.
For Windows NLog.json file locates in the same path as the appsettings file.json and is configured for each component separately.
For Linux NLog.json file locates at /etc/indeed-identity/indeed-pam/protector and is configuring for all components at once.
Section NLog
Parameter variables - sets the value of a configuration variable. The number of variables is unlimited. (optional parameter).
Section targets
Each type of log has its own name, which is not recommended to edit.
type — The type of the saved log. Editing is not recommended.
- layout — Тhe text to be displayed. Editing is not recommended.
- fileName — Recording logs directory.
- archiveFileName — Storing directory for filled logs.
- archiveAboveSize — Maximum size of log file, specified in bytes.
- archiveNumbering — Method of numbering file archives.
- maxArchiveFiles — The number of stored filled logs . Old filled logs are deleted when new ones appear.
Note | ||
---|---|---|
| ||
The directory for recording and storing logs is specified in one of two formats "C:/\Logs/\logs.log" or "C:\\LogsArch\\logs.{#####}.log". {#####} specified only in archiveFileName parameter. This is necessary for numbering filled logs. |
Note | ||
---|---|---|
| ||
If log rotation is enabled, then the directory of the recorded log and the directory of the filled logs must be different. |
Example of configuration for errors log:
Code Block |
---|
"targets":{ "errorsFile": { "type": "File", "layout": "${loggerLayout}", "fileName": "C:/\Logs/\errors.log", "archiveFileName": "C:\\LogsArch\\errors.{#####}.log", "archiveAboveSize": 1000000, "archiveNumbering": "Sequence", "maxArchiveFiles": 2 } } |
Log rotation is not enabled by default.
Divbox | ||||
---|---|---|---|---|
| ||||
|