Summary: this page explains where the dashboard/RestAPI log files are located, how to change their storage location if required and how to enable the Audit Trail facility. |
By default the dashboard/RestAPI will place all relevant log files (i.e. logs relative to the functioning of the dashboard) in the following location:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\logs WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\logs ZIP ≥ 2.x <unpacked_zip>\configurations\logs |
Logs are provided in two different formats:
Log files | Description | Notes | |
---|---|---|---|
restapi.log restapi.html | Records all web service interaction (errors, warnings etc.) |
| |
restapi.perf.log restapi.perf.html | Records performance information about user interaction. Not generated in CAST Dashboard ≥ 2.x. | ||
restapi.audit.log | Records successful user logins, failed logins, logouts, web application startup/stop. This log is not active by default. |
You do not need to change the location of the log files unless you specifically need to use a different location other than the default. To do so, you need to modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
To change the location of the log folder search for the following line in the file:
WAR 1.x - default location is within the web application parent folder <Property name="logPath">$${web:rootDir}/logs</Property> >>> WAR and ZIP ≥ 2.x - default location is a folder at the same level as the log4j2-spring.xml file <Property name="logPath">${log4j:configParentLocation}/logs</Property> |
Change /logs to the required location (for example /test) within the web application file hierarchy:
WAR 1.x <Property name="logPath">$${web:rootDir}/test</Property> >>> WAR and ZIP ≥ 2.x <Property name="logPath">${log4j:configParentLocation}/test</Property> |
Following any changes you make, save the .xml file and then restart your application server so that the changes are taken into account. Your log files will now be stored in the new location. For example:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\test WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\test ZIP ≥ 2.x <unpacked_zip>\configurations\test |
All log files that are generated have a default roll over strategy as follows:
This strategy can be modified as follows modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
Find the following two elements which control the strategy (there are two elements per log file):
<SizeBasedTriggeringPolicy size="10 MB"/> <DefaultRolloverStrategy max="5"/> |
Modify the options as necessary. Following any changes you make, save the .xml file and then restart your application server so that the changes are taken into account.
By default the log system is configured to ouput log messages only to *.log files. If you require messages to be output to *.html files as well, you need to modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
Add the line <AppenderRef ref="htmlout"/> to the following <Logger> elements in the file, this will give you the following:
WAR 1.x <Logger name="com.castsoftware.adg.webservice" level="info" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="htmlout"/> </Logger> <Logger name="com.castsoftware.adg.webservice.servlet" level="error" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="htmlout"/> </Logger> <Logger name="org.springframework" level="info" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="htmlout"/> </Logger> <Logger name="org.springframework.jdbc.core.JdbcTemplate" level="error" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="htmlout"/> </Logger> <Logger name="org.springframework.jdbc.core.StatementCreatorUtils" level="error" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="htmlout"/> </Logger> WAR and ZIP ≥ 2.x <Logger name="com.castsoftware.adg.webservice" level="info" additivity="false"> <!-- write in restapi.log all messages from com.castsoftware.adg.webservice with level <= INFO --> <AppenderRef ref="textout"/> <AppenderRef ref="stdout"/> <AppenderRef ref="htmlout"/> </Logger> <Logger name="org.springframework" level="info" additivity="false"> <AppenderRef ref="textout"/> <AppenderRef ref="stdout"/> <AppenderRef ref="htmlout"/> </Logger> |
Note that there are other <Logger> elements in the file, but these do not need modifying. |
By default, the various log outputs do not contain any information about successful user logins, failed logins, logouts, web application startup/stop etc. If you would like to see this information in a log file for security reasons, then you can enable the Audit Trail feature. To do so, you need to modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
Search for the following line in the file:
<Property name="auditLevel">OFF</Property> |
Change the OFF value to ALL:
<Property name="auditLevel">ALL</Property> |
Following any changes you make, save the .xml file and then restart your application server so that the changes are taken into account. Messages relating to successful user logins, failed logins, logouts, web application startup/stop will now be displayed in the restapi.audit.log file in the following format:
[ Date | ip address | level | user behavior | rest URL | user name | user role | delay time | source | application |
For example:
2015-03-19 18:05:07,488 | 192.168.16.73 | INFO | Application startup | SLI 2015-03-19 18:05:29,602 | 192.168.16.73 | INFO | Login successful | http://tomcat/testContext/rest/login CIO [NO_ROLE] 18 Engineering 2015-03-19 18:05:29,602 | 192.168.16.73 | INFO | Login successful | http://tomcat/testContext/rest/user CIO [NO_ROLE] 0 Engineering 2015-03-19 18:05:30,756 | 192.168.16.73 | INFO | User Logout | CIO Engineering 2015-03-19 18:05:34,723 | 192.168.16.73 | WARN | Login failed | cioS Engineering 2015-03-19 18:05:41,806 | 192.168.16.73 | INFO | Login successful | http://tomcat/testContext/rest/login admin [ADMIN] 0 Health 2015-03-19 18:05:41,806 | 192.168.16.73 | INFO | Login successful | http://tomcat/testContext/rest/user admin [ADMIN] 0 Ohters 2015-03-19 18:05:43,313 | 192.168.16.73 | INFO | User Logout | admin Others 2015-03-19 18:05:41,806 | 192.168.16.73 | INFO | Login successful | http://tomcat/testContext/rest/login admin [ADMIN] 0 Health 2015-03-19 18:05:41,806 | 192.168.16.73 | INFO | Login successful | http://tomcat/rest/AED10/applications/2/snapshots admin [ADMIN] 0 Engineering | Application - DATASTAGE |
Note that the rest URL, user role and delay time options are only displayed for successful login messages. |
By default, the log mechanism is not configured to provide any logging information to debug Active Directory/SAML authentication issues (see the relevant section in User authentication). If you have encountered issues activating Active Directory authentication, you can enable DEBUG log mode specifically to help resolve the problems you are having. To do so, you need to modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
Uncomment the following sections as appropriate (this can be found at the end of the file):
<!-- Uncomment on LDAP access issues --> <!-- <Logger name="org.springframework.security" level="debug"> <AppenderRef ref="textout"/> </Logger> --> <!-- Uncomment on SAML access issues --> <!-- <Logger name="org.springframework.security.saml" level="debug" additivity="false"> <AppenderRef ref="textout"/> </Logger> <Logger name="org.opemsaml" level="debug" additivity="false"> <AppenderRef ref="textout"/> </Logger> --> |
Following any changes you make, save the .xml file and then restart your application server so that the changes are taken into account. Messages relating to Active Directory authentication will now be displayed in the log files.
By default, the log file will not contain any DEBUG or SQL trace logs. If you need to see these items in the log file, you can enable them as follows. Modify the following file with a text editor:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\log4j2.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\log4j2-spring.xml ZIP ≥ 2.x <unpacked_zip>\configurations\log4j2-spring.xml |
Locate the following section:
<Logger name="org.springframework.jdbc.core.JdbcTemplate" level="error" additivity="false"> <AppenderRef ref="textout"/> </Logger> <Logger name="org.springframework.jdbc.core.StatementCreatorUtils" level="error" additivity="false"> <AppenderRef ref="textout"/> </Logger> |
Change level="error"
to level="debug"
to enable DEBUG logs:
<Logger name="org.springframework.jdbc.core.JdbcTemplate" level="error" additivity="false"> <AppenderRef ref="textout"/> </Logger> <Logger name="org.springframework.jdbc.core.StatementCreatorUtils" level="error" additivity="false"> <AppenderRef ref="textout"/> </Logger> |
Additionally, if you want to see SQL trace logs as well as DEBUG information, change level="debug"
to level="TRACE"
:
<Logger name="org.springframework.jdbc.core.JdbcTemplate" level="TRACE" additivity="false"> <AppenderRef ref="textout"/> </Logger> <Logger name="org.springframework.jdbc.core.StatementCreatorUtils" level="TRACE" additivity="false"> <AppenderRef ref="textout"/> </Logger> |
Locate the following commented section:
<!-- <Logger name="org.springframework.jdbc.core" level="debug" additivity="false"> <AppenderRef ref="textout"/> </Logger> --> |
Uncomment this section to enable DEBUG logs:
<Logger name="org.springframework.jdbc.core" level="debug" additivity="false"> <AppenderRef ref="textout"/> </Logger> |
Additionally, if you want to see SQL trace logs as well as DEBUG information, change level="debug"
to level="TRACE"
:
<Logger name="org.springframework.jdbc.core" level="TRACE" additivity="false"> <AppenderRef ref="textout"/> </Logger> |
Following any changes you make, save the .xml file and then restart your application server so that the changes are taken into account.