Note: this is an abstract component that cannot be instantiated.
Writer Based Authorization Log Publishers are log publishers that use TextWriter implementations.
↓Direct Subcomponents
↓Parent Component
↓Properties
↓dsconfig Usage
The following Writer Based Authorization Log Publishers are available in the server :
These Writer Based Authorization Log Publishers inherit from the properties described below.
The Writer Based Authorization Log Publisher component inherits from the Authorization Log Publisher
The properties supported by this managed object are as follows:
Basic Properties: | Advanced Properties: |
---|---|
↓ description | ↓ auto-flush |
↓ enabled | ↓ asynchronous |
↓ java-class | ↓ queue-size |
↓ logged-message-type | ↓ max-string-length |
Description | A description for this Log Publisher |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | Indicates whether the Log Publisher is enabled for use. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Description | The fully-qualified name of the Java class that provides the Authorization Log Publisher implementation. |
Default Value | None |
Allowed Values | The fully-qualified name of a Java class that extends or implements com.unboundid.directory.broker.loggers.AuthorizationLogPublisher |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Description | Specifies the message types which can be logged. |
Default Value | All messages are logged except for decision-trace. |
Allowed Values | policy-decision - Indicates that policy decisions will be logged. decision-trace - For debugging of XACML policies. Indicates that decision trace messages will be logged. Can generate a lot of output and could impact performance. add-consent - Indicates that capture of consent will be logged. delete-consent - Indicates that revocation of consent will be logged. oauth-code-granted - Indicates that information on OAuth 2 authorization codes will be logged. oauth-code-consumed - Indicates that OAuth 2 authorization codes being converted to a token will be logged. oauth-token-granted - Indicates that information on OAuth 2 access tokens will be logged. oauth-token-revoked - Indicates that OAuth 2 access tokens being revoked will be logged. oauth-token-validation - Indicates that OAuth 2 access token validation results will be logged. oauth-consent-denied - Indicates that information will be logged when a user implicitly or explicitly denies OAuth 2 consent. oauth-consent-permitted - Indicates that information will be logged when an user implicitly or explicitly approves OAuth 2 consent. oauth-consent-requested - Indicates that information will be logged when an application requests OAuth 2 consent from a user. oauth-exception - Indicates that information will be logged when there is an exception in an OAuth 2 flow. id-token-granted - Indicates that information on OpenID Connect ID tokens will be logged. external-identity-token - Indicates that information on External Identity Provider token requests and responses will be logged. external-identity-attributes - Indicates that information on External Identity Provider attribute requests and responses will be logged. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
auto-flush (Advanced Property)
Description | Specifies whether to flush the writer after every log record. If the asynchronous writes option is used, the writer is flushed after all the log records in the queue are written. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
asynchronous (Advanced Property)
Description | Indicates whether the Writer Based Authorization Log Publisher will publish records asynchronously. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
queue-size (Advanced Property)
Description | The maximum number of log records that can be stored in the asynchronous queue. The server will continuously flush messages from the queue to the log. That is, it does not wait for the queue to fill up before flushing to the log. Lowering this value can impact performance. |
Default Value | 10000 |
Allowed Values | An integer value. Lower limit is 1000. Upper limit is 100000 . |
Multi-Valued | No |
Required | No |
Admin Action Required | The Writer Based Authorization Log Publisher must be restarted if this property is changed and the asynchronous property is set to true. |
max-string-length (Advanced Property)
Description | Specifies the maximum number of characters that may be included in any string in a log message before that string is truncated and replaced with a placeholder indicating the number of characters that were omitted. This can help prevent extremely long log messages from being written. A value of zero indicates that no limit will be imposed. |
Default Value | 2000 |
Allowed Values | An integer value. Lower limit is 0. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured Log Publishers:
dsconfig list-log-publishers [--property {propertyName}] ...
To view the configuration for an existing Log Publisher:
dsconfig get-log-publisher-prop --publisher-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Log Publisher:
dsconfig set-log-publisher-prop --publisher-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Log Publisher:
dsconfig delete-log-publisher --publisher-name {name}