IIQ version 8.4p1
I am trying to print debug and warn logs but only warn logs are getting printed.
I am attaching the log4j file. Can anyone let me know what am i missing?
log4j.properties (18.0 KB)
Have you made any changes to the log4j.properties file ?
line 161: i have added debug
line 106-116: i have uncommented
earlier it used to print warn logs , now i want to print debug logs as well. so i made above changes
Have you restarted the logs or reload the configuration?
yes, did reload configuration
Please refer URL below:
(2) [Self-Note] Custom Logging Setup for SailPoint IIQ Rules | LinkedIn
To create separate SailPoint logs you need to add the following lines. (Note: I have tested against IIQ8.5)
make sure: it is forward slash.
appender.file.type=File
appender.file.name=file
appender.file.fileName=C:/Windows/SailPoint/sailpoint.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=%d{ISO8601} %5p %t %c{4}:%L - %m%n
Make sure you have C:/Windows/SailPoint/(make sure it is forward slash.) present and created with required permission.
as soon as you re-load the log4j(8.1p2)/Log4j2(IIQ8.5) config you will see the sailpoint.log will be created automatically.
– > Did you try to restart the application server by deleting the content inside work and temp folder of tomcat?
– > By the way how many application servers do you have and what is the current status of all the application servers from below path
Gear icon – > Administrator console – > Environment
We have observed similar behavior and resolved by restart the task servers/services, make sure all the servers up and running from Gear icon – > Administrator console – > Environment
I hope above steps will help resolve your issue, I assume you have added the log4j to all the UI/Task servers and reloaded correctly {in my testing scenario as sson as I re-load the log4j2 the sailpoint.log has been created.}, make sure all the servers up and running.
root cause: could be one of the servers will be silently shut down.
1 Like
there is only 1 server and its up
Also check this this point, You are only seeing WARN logs because the rootLogger.level is incorrectly configured. In Log4j2, the root logger can have only one level, but it is currently set to debug,warn,error, which prevents DEBUG logs from being printed. Set it to rootLogger.level=debug. Also, the SailPoint logger is explicitly set to warn, so DEBUG logs from SailPoint are suppressed change it to logger.sailpoint.level=debug if you want those logs. After making these changes and reload logging.
1 Like
Please refer my log4j2 file content:
what I have done is:
line number 49-53 un-commented
Line number- 90 un-commented, Liner number 85 by default it is there & make sure rootLogger.level is set to debug. – it is very important.
As @santhirajumunganda mentioned the below line number:142 also key important setting.
enabled couple of lines with debug level
#
# (c) Copyright 2018 SailPoint Technologies, Inc., All Rights Reserved.
#
# NOTE: The syntax of this file is different than what it was for
# IdentityIQ 7.3 and earlier. These syntax changes are due to
# our upgrade to log4j version 2.
#
# See https://logging.apache.org/log4j/2.x/manual/configuration.html
# for description of the new syntax.
#
######################################
## Global log4j2 properties
######################################
name=identityiq_default
status=warn
monitorInterval=20
packages=sailpoint.api.logging
#######################################
## Appenders
#######################################
### direct log messages to stdout ###
appender.stdout.type=Console
appender.stdout.name=stdout
appender.stdout.target=SYSTEM_OUT
appender.stdout.layout.type=PatternLayout
appender.stdout.layout.pattern=%d{ISO8601} %5p %t %c{4}:%L - %m%n
# CRLF log injection can reduce the value of application logs. CRLF log injection can
# be neutralized by applying log4j2's replace conversion pattern to a log message. If
# log4j2 environment is set up to use the PatternLayout, then while in stdout or file
# write, an administrator can use the 'replace' conversion pattern to a log message to
# neutralize CRLF sequence to double underscore. In the example below, the inner replace
# pattern replaces a sequence of line feed (\n) and carriage return (\r) to two underscores
# respectively, whereas the outer replace pattern replaces the carriage return and line feed
# sequence of a log message to two underscores respectively. Adjust double underscore from
# both the places as per one's own choice of sequence.
#appender.stdout.layout.pattern=%d{ISO8601} %5p %t %c{4}:%L - %replace{%replace{%m}{\n\r}{__}}{\r\n}{__}%n
### direct log messages to the db
appender.syslog.type=spsyslog
appender.syslog.name=spsyslog
# Below is an example of how to create a logger that writes to a file.
# Uncomment the following five lines, then uncomment the
# rootLogger.appenderRef.file.ref definition below
appender.file.type=File
appender.file.name=file
appender.file.fileName=C:/Windows/SailPoint/sailpoint.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=%d{ISO8601} %5p %t %c{4}:%L - %m%n
#
# SailPoint metering is useful to help diagnose performance issues.
# Some critical sections of code will gather performance data
# metrics, and will log the data to the meter appender.
#
# Below is an example of how to create a csv of metered data.
# Uncomment the following 11 lines, as well as the logger.apiMeter lines
# near the end of this file
#
#appender.meter.type=RollingFile
#appender.meter.name=meter
#appender.meter.fileName=C:/Windows/Temp/meter.log
#appender.meter.filePattern=C:/Windows/Temp/meter-%d{yyyy-MM-dd}-%i.log.gz"
#appender.meter.layout.type=PatternLayout
#appender.meter.layout.pattern=%m%n
#appender.meter.policies.type=Policies
#appender.meter.policies.size.type=SizeBasedTriggeringPolicy
#appender.meter.policies.size.size=10MB
#appender.meter.strategy.type=DefaultRolloverStrategy
#appender.meter.strategy.max=5
#######################################
## rootLogger
#######################################
### set default log levels and appenderRef
### valid log levels in increasing order of severity are:
### trace, debug, info, warn, error, fatal, off
### trace is required to get method entry and exit logging
rootLogger.level=debug
rootLogger.appenderRef.stdout.ref=stdout
# Uncomment to also write to file appender by default.
# Also need to uncomment the file appender definition above.
rootLogger.appenderRef.file.ref=file
#######################################
## 3rd-party loggers (recommended)
#######################################
# Suppress a warning about using a default configuration
logger.ehcache.name=net.sf.ehcache
logger.ehcache.level=error
# Suppress "narrowing proxy" hibernate warning.
logger.ohe_spc.name=org.hibernate.engine.StatefulPersistenceContext
logger.ohe_spc.level=error
# Suppress warnings about deprecated gadgets during import
logger.jasper_engine_xml.name=net.sf.jasperreports.engine.xml
logger.jasper_engine_xml.level=error
# Note: The following logging properties turn off warnings that result from our
# combination of technologies (Tomahawk/Faceletes/A4J, etc.).
# Commenting them out will result in a slew of parser warnings.
# If you don't want to clutter your logs with a bunch of useless warning
# messages please leave these as they are.
# Suppress warning message about Unparsable lastModified
logger.renderkit1.name=org.apache.myfaces.renderkit.html.util.MyFacesResourceLoader
logger.renderkit1.level=error
# Suppress warning message about response not having <head> or <body> tags
logger.renderkit2.name=org.apache.myfaces.renderkit.html.util.DefaultAddResource
logger.renderkit2.level=error
# Suppress warning message about invalid HTML inside javascript
# See http://www.mail-archive.com/users@myfaces.apache.org/msg50391.html
logger.renderkit3.name=org.apache.myfaces.renderkit.html.util.ReducedHTMLParser
logger.renderkit3.level=error
#######################################
## SailPoint loggers (required)
#######################################
# make sure the syslog code doesn't try to call itself if there's a problem.
# NOTE: The additivity flag is critical here!
logger.syslogAppender.name=sailpoint.api.logging.SyslogAppender
logger.syslogAppender.level=debug
logger.syslogAppender.appenderRef.stdout.ref=stdout
logger.syslogAppender.additivity=false
logger.syslogEvent.name=sailpoint.object.SyslogEvent
logger.syslogEvent.level=debug
logger.syslogEvent.appenderRef.stdout.ref=stdout
logger.syslogEvent.additivity=false
logger.sailpoint.name=sailpoint
logger.sailpoint.level=debug
logger.sailpoint.appenderRef.syslog.ref=spsyslog
# Hibernate logs a warn every time Criteria is used. Supress this until JPA migration is completed -rap
logger.hibernateDeprecation.name=org.hibernate.orm.deprecation
logger.hibernateDeprecation.level=debug
#######################################
## SailPoint loggers (troubleshooting)
#######################################
#logger.orgHibernate.name=org.hibernate
#logger.orgHibernate.level=info
#logger.orgHibernate.level=debug
#logger.orgHibernate.level=trace
#logger.hibernateCache.name=org.hibernate.cache
#logger.hibernateCache.level=trace
#logger.orgSpringframework.name=org.springframework
#logger.orgSpringframework.level=info
#logger.orgQuartz.name=org.quartz
#logger.orgQuartz.level=info
# Uncomment to log all SQL and prepared statement parameter values.
#logger.hibernateSQL.name=org.hibernate.SQL
#logger.hibernateSQL.level=debug
#logger.hibernateType.name=org.hibernate.type
#logger.hibernateType.level=trace
# Uncomment this to log all SailPoint generated HQL queries and
# query parameters.
#logger.persistenceHQL.name=sailpoint.persistence.hql
#logger.persistenceHQL.level=trace
# Uncomment to view JSF logging
#logger.phaseTracker.name=sailpoint.web.util.PhaseTracker
#logger.phaseTracker.level=trace
#logger.sunFaces.name=com.sun.faces
#logger.sunFaces.level=trace
#logger.javaxFaces.name=javax.faces
#logger.javaxFaces.level=trace
# Uncomment to enable logging of performance metering data
#logger.apiMeter.name=sailpoint.api.Meter
#logger.apiMeter.level=info
#logger.apiMeter.appenderRef.meter.ref=meter
# Uncomment to enable authentication related logging
#logger.authFilter.name=sailpoint.web.PageAuthenticationFilter
#logger.authFilter.level=debug
#logger.authService.name=sailpoint.service.PageAuthenticationService
#logger.authService.level=debug
#logger.ssoValidator.name=sailpoint.web.sso.DefaultSSOValidator
#logger.ssoValidator.level=debug
#logger.ssoDefault.name=sailpoint.web.sso.DefaultSSOAuthenticator
#logger.ssoDefault.level=debug
#logger.ssoSAML.name=sailpoint.web.sso.SAMLSSOAuthenticator
#logger.ssoSAML.level=debug
# Uncomment to enable detailed multi-factor authentication logging
#logger.mfaFilter.name=sailpoint.web.MFAFilter
#logger.mfaFilter.level=debug
#logger.mfaLibrary.name=sailpoint.workflow.MFALibrary
#logger.mfaLibrary.level=info
# Uncomment to enable detailed statistics monitoring logging
#logger.monitoringService.name=sailpoint.server.MonitoringService
#logger.monitoringService.level=debug
logger.aggregator.name=sailpoint.api.Aggregator
logger.aggregator.level=debug
#logger.cacheTracker.name=sailpoint.api.CacheTracker
#logger.cacheTracker.level=trace
#logger.certificationer.name=sailpoint.api.Certificationer
#logger.certificationer.level=info
#logger.remediationManager.name=sailpoint.api.certification.RemediationManager
#logger.remediationManager.level=info
#logger.certificationPhaser.name=sailpoint.api.CertificationPhaser
#logger.certificationPhaser.level=info
#logger.correlationModel.name=sailpoint.api.CorrelationModel
#logger.correlationModel.level=info
#logger.lockTracer.name=sailpoint.api.LockTracker
#logger.lockTracer.level=trace
#logger.managedAttributer.name=sailpoint.api.ManagedAttributer
#logger.managedAttributer.level=info
#logger.provisioner.name=sailpoint.api.Provisioner
#logger.provisioner.level=info
#logger.oimClient.name=sailpoint.integration.oim.OIMClient
#logger.oimClient.level=info
#logger.objectConfig.name=sailpoint.object.ObjectConfig
#logger.objectConfig.level=info
#logger.dateType.name=sailpoint.persistence.DateType
#logger.dateType.level=info
#logger.debugInterceptor.name=sailpoint.persistence.DebugInterceptor
#logger.debugInterceptor.level=debug
#logger.hibernatePersistenceManager.name=sailpoint.persistence.HibernatePersistenceManager
#logger.hibernatePersistenceManager.level=trace
#logger.hibernatePersistenceManager.level=info
#logger.newXmlType.name=sailpoint.persistence.NewXmlType
#logger.newXmlType.level=info
#logger.sailPointInterceptor.name=sailpoint.persistence.SailPointInterceptor
#logger.sailPointInterceptor.level=info
#logger.xmlType.name=sailpoint.persistence.XmlType
#logger.xmlType.level=info
#logger.sailpointReporting.name=sailpoint.reporting
#logger.sailpointReporting.level=trace
#logger.bsfRuleRunner.name=sailpoint.server.BSFRuleRunner
#logger.bsfRuleRunner.level=trace
#logger.cacheService.name=sailpoint.server.CacheService
#logger.cacheService.level=info
logger.serverEnvironment.name=sailpoint.server.Environment
logger.serverEnvironment.level=debug
logger.iiqRestService.name=sailpoint.service.IIQRestService
logger.iiqRestService.level=debug
logger.idRefreshExecutor.name=sailpoint.task.IdentityRefreshExecutor
logger.idRefreshExecutor.level=debug
#logger.roleSynchronizer.name=sailpoint.task.RoleSynchronizer
#logger.roleSynchronizer.level=info
#logger.timingFilter.name=sailpoint.web.util.TimingFilter
#logger.timingFilter.level=trace
#logger.heartbeat.name=sailpoint.server.HeartbeatService
#logger.heartbeat.level=trace
#logger.identityai.name=sailpoint.identityai
#logger.identityai.level=debug
#logger.connector_sm.name=sailpoint.connector.sm
#logger.connector_sm.level=debug
#logger.rs.name=sailpoint.rapidsetup
#logger.rs.level=debug
#logger.rsl.name=sailpoint.workflow.RapidSetupLibrary
#logger.rsl.level=debug
#logger.post_commit_handler.name=sailpoint.persistence.PostCommitUpdateListener
#logger.post_commit_handler.level=debug
#logger.hibernateListenerService.name=sailpoint.persistence.HibernateListenerService
#logger.hibernateListenerService.level=debug
# Uncomment to enable detailed AccessHistory logging
#logger.accesshistory.name=sailpoint.accesshistory
#logger.accesshistory.level=debug
# Uncomment to enable detailed change event generation logging
#logger.changeevent.name=sailpoint.accesshistory.changeevent
#logger.changeevent.level=debug
# Uncomment to enable detailed logging for AccessHistoryUtil
#logger.accesshistoryutil.name=sailpoint.accesshistory.AccessHistoryUtil
#logger.accesshistoryutil.level=debug
# Uncomment to enable detailed logging for ALL Identity event generators
#logger.identityeventgenerators.name=sailpoint.accesshistory.event.identity
#logger.identityeventgenerators.level=debug
# Uncomment to enable detailed logging for Identity AssignedRoleAddedEventGenerator
#logger.identityassignedroleadded.name=sailpoint.accesshistory.event.identity.AssignedRoleAddedEventGenerator
#logger.identityassignedroleadded.level=debug
# Uncomment to enable detailed logging for Identity AssignedRoleRemovedEventGenerator
#logger.identityassignedroleremoved.name=sailpoint.accesshistory.event.identity.AssignedRoleRemovedEventGenerator
#logger.identityassignedroleremoved.level=debug
# Uncomment to enable detailed logging for Identity DetectedRoleAddedEventGenerator
#logger.identityassignedroleadded.name=sailpoint.accesshistory.event.identity.DetectedRoleAddedEventGenerator
#logger.identityassignedroleadded.level=debug
# Uncomment to enable detailed logging for Identity DetectedRoleRemovedEventGenerator
#logger.identitydetectedroleremoved.name=sailpoint.accesshistory.event.identity.DetectedRoleRemovedEventGenerator
#logger.identitydetectedroleremoved.level=debug
# Uncomment to enable detailed logging for Identity EntitlementAddedEventGenerator
#logger.identityentitlementadded.name=sailpoint.accesshistory.event.identity.EntitlementAddedEventGenerator
#logger.identityentitlementadded.level=debug
# Uncomment to enable detailed logging for Identity EntitlementRemovedEventGenerator
#logger.identityentitlementremoved.name=sailpoint.accesshistory.event.identity.EntitlementRemovedEventGenerator
#logger.identityentitlementremoved.level=debug
# Uncomment to enable detailed logging for Identity ManagerChangeEventGenerator
#logger.identitymanagerchanage.name=sailpoint.accesshistory.event.identity.ManagerChangeEventGenerator
#logger.identitymanagerchanage.level=debug
# Uncomment to enable detailed logging for Identity StatusChangeEventGenerator
#logger.identitystatuschanage.name=sailpoint.accesshistory.event.identity.StatusChangeEventGenerator
#logger.identitystatuschanage.level=debug
# Uncomment to enable detailed logging for IdentityAttributeChangeEventGenerator
#logger.identityattributechanage.name=sailpoint.accesshistory.event.identity.IdentityAttributeChangeEventGenerator
#logger.identityattributechanage.level=debug
# Uncomment to enable detailed logging for Identity PolicyViolationMitigationEventGenerator
#logger.identitypolicyviolationmitigation.name=sailpoint.accesshistory.event.identity.PolicyViolationMitigationEventGenerator
#logger.identitypolicyviolationmitigation.level=debug
#Uncomment to enable detailed logging for BaseDataExtractExecutor
logger.basedataextractexecutor.name=sailpoint.task.BaseDataExtractExecutor
logger.basedataextractexecutor.level=debug
my sailpoint.log traces - I can see the expected traces.
3 Likes