File Based Trace Log Publishers are used for tracing the processing of HTTP requests within the Data Broker. Messages are published to the file system.
↓Parent Component
↓Relations from This Component
↓Properties
↓dsconfig Usage
The File Based Trace Log Publisher component inherits from the Writer Based Trace Log Publisher
The following components have a direct aggregation relation from File Based Trace Log Publishers:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ description | ↓ asynchronous |
| ↓ enabled | ↓ queue-size |
| ↓ debug-message-type | ↓ max-string-length |
| ↓ http-message-type | ↓ time-interval |
| ↓ oauth-message-type | ↓ buffer-size |
| ↓ xacml-policy-message-type | ↓ compression-mechanism |
| ↓ scim-message-type | |
| ↓ user-interface-message-type | |
| ↓ include-path-pattern | |
| ↓ exclude-path-pattern | |
| ↓ log-file | |
| ↓ log-file-permissions | |
| ↓ append | |
| ↓ rotation-policy | |
| ↓ retention-policy | |
| ↓ sign-log |
| Description | A description for this Log Publisher |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the Log Publisher is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the debug message types which can be logged. Note that enabling these may result in sensitive information being logged. |
| Default Value | No debug messages are logged. |
| Allowed Values | external-identity-provider-request-and-response - The full HTTP request and response for an outbound request to an External Identity Provider. http-full-request-and-response - The full HTTP request and response for an inbound request to the Data Broker. ldap-external-server-request - The LDAP request and response for an outbound request performed through an LDAP External Server. policy-decision-trace - The policy decision trace. store-adapter-processing - Detailed tracing of operations processed by store adapters. store-adapter-mapping - Detailed tracing of attributes before and after they are mapped from SCIM to a store adapter and vice-versa. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the HTTP message types which can be logged. |
| Default Value | No HTTP messages are logged. |
| Allowed Values | request - The HTTP request summary. response - The HTTP response summary. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the OAuth message types which can be logged. |
| Default Value | No OAuth messages are logged. |
| Allowed Values | code-granted - Code granted. code-consumed - Code consumed. token-granted - Token granted. token-revoked - Token revoked. token-validation - Token validation. consent-denied - Consent denied. consent-permitted - Consent permitted. consent-requested - Consent requested. consent-deleted - All consents for a client application deleted. id-token-granted - Token granted. exception - OAuth exception. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the policy message types which can be logged. |
| Default Value | No policy messages are logged. |
| Allowed Values | result - The policy result. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the SCIM message types which can be logged. |
| Default Value | No SCIM messages are logged. |
| Allowed Values | request - Information about SCIM requests received from clients. result - Information about the results of SCIM requests received from clients. internal-request - Information about SCIM requests that initiated internally (for example, operations initiated during processing of a client request). internal-result - Information about the results of SCIM requests that initiated internally (for example, operations initiated by plugins). |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the user interface message types which can be logged. |
| Default Value | No user interface messages are logged. |
| Allowed Values | login - Authentication, successful and failed. logout - Logout. recover-password - The password recovery self-service account flow. recover-username - The username recovery self-service account flow. register - The register self-service account flow. idp-link - External identity linking operations. idp-resource-crud - External identity create, retrieve, update and delete operations. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of HTTP request URL paths to determine whether log messages are included for a HTTP request. Log messages are included for a HTTP request if the request path does not match any exclude-path-pattern, and the request path does match an include-path-pattern (or no include-path-pattern is specified). Paths are matched using the following rules:
Some pattern examples:
|
| Default Value | All request paths are included except any specified in exclude-path-pattern. |
| Allowed Values | A string |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of HTTP request URL paths to determine whether log messages are excluded for a HTTP request. Log messages are included for a HTTP request if the request path does not match any exclude-path-pattern, and the request path does match an include-path-pattern (or no include-path-pattern is specified). Paths are matched using the following rules:
Some pattern examples:
|
| Default Value | No request paths are explicitly excluded. |
| Allowed Values | A string |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The file name to use for the log files generated by the File Based Trace Log Publisher. The path to the file can be specified either as relative to the server root or as an absolute path. |
| Default Value | None |
| Allowed Values | A filesystem path |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | The File Based Trace Log Publisher must be disabled and re-enabled for changes to this setting to take effect. In order for this modification to take effect, the component must be restarted, either by disabling and re-enabling it, or by restarting the server |
| Description | The UNIX permissions of the log files created by this File Based Trace Log Publisher. |
| Default Value | 600 |
| Allowed Values | A valid UNIX mode string. The mode string must contain three digits between zero and seven. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies whether to append to existing log files. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The rotation policy to use for the File Based Trace Log Publisher . When multiple policies are used, rotation will occur if any policy's conditions are met. |
| Default Value | No rotation policy is used and log rotation will not occur. |
| Allowed Values | The DN of any Log Rotation Policy. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The retention policy to use for the File Based Trace Log Publisher . When multiple policies are used, log files are cleaned when any of the policy's conditions are met. |
| Default Value | No retention policy is used and log files are never cleaned. |
| Allowed Values | The DN of any Log Retention Policy. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the log should be cryptographically signed so that the log content cannot be altered in an undetectable manner. Log file signatures can be validated using the validate-file-signature tool provided with the server. Note that when enabling signing for a logger that already exists and was enabled without signing, the first log file will not be completely verifiable because it will still contain unsigned content from before signing was enabled. Only log files whose entire content was written with signing enabled will be considered completely valid. For the same reason, if a log file is still open for writing, then signature validation will not indicate that the log is completely valid because the log will not include the necessary "end signed content" indicator at the end of the file. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The File Based Trace Log Publisher must be disabled and re-enabled for changes to this setting to take effect. In order for this modification to take effect, the component must be restarted, either by disabling and re-enabling it, or by restarting the server |
asynchronous (Advanced Property)
| Description | Indicates whether the Writer Based Trace Log Publisher will publish records asynchronously. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
queue-size (Advanced Property)
| Description | The maximum number of log records that can be stored in the asynchronous queue. The server will continuously flush messages from the queue to the log. That is, it does not wait for the queue to fill up before flushing to the log. Lowering this value can impact performance. |
| Default Value | 10000 |
| Allowed Values | An integer value. Lower limit is 1000. Upper limit is 100000 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The Writer Based Trace Log Publisher must be restarted if this property is changed and the asynchronous property is set to true. |
max-string-length (Advanced Property)
| Description | Specifies the maximum number of characters that may be included in any string in a log message before that string is truncated and replaced with a placeholder indicating the number of characters that were omitted. This can help prevent extremely long log messages from being written. A value of zero indicates that no limit will be imposed. |
| Default Value | 50000 |
| Allowed Values | An integer value. Lower limit is 0. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
time-interval (Advanced Property)
| Description | Specifies the interval at which to check whether the log files need to be rotated. |
| Default Value | 5s |
| Allowed Values | A duration. Lower limit is 1 milliseconds. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
buffer-size (Advanced Property)
| Description | Specifies the log file buffer size. |
| Default Value | 64kb |
| Allowed Values | A positive integer representing a size. Lower limit is 1. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
compression-mechanism (Advanced Property, Read-Only)
| Description | Specifies the type of compression (if any) to use for log files that are written. Note that this setting cannot be changed once the logger has been created, because of the possibility of mixing compressed and uncompressed data in the same file. Further, because it is difficult to append to a compressed file, any existing active log file will automatically be rotated when the server is started. If compressed logging is used, it may also be desirable to have another logger enabled that does not use compression. The rotation and retention policies for the uncompressed logger can be configured to minimize the amount of space it consumes, but having ready access to information about recent operations in uncompressed form may be convenient for debugging purposes. Alternately, you could consider having the uncompressed logger defined but not enabled so that it can be turned on as needed for debugging such problems. |
| Default Value | none |
| Allowed Values | none - No compression will be performed. gzip - Compress file data using gzip with the default compression level. If this compression level is specified, then files will automatically be given a ".gz" extension. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Log Publishers:
dsconfig list-log-publishers
[--property {propertyName}] ...
To view the configuration for an existing Log Publisher:
dsconfig get-log-publisher-prop
--publisher-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Log Publisher:
dsconfig set-log-publisher-prop
--publisher-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new File Based Trace Log Publisher:
dsconfig create-log-publisher
--publisher-name {name}
--type {type}
--set enabled:{propertyValue}
--set log-file:{propertyValue}
[--set {propertyName}:{propertyValue}] ...
To delete an existing Log Publisher:
dsconfig delete-log-publisher
--publisher-name {name}