Enhancement: Enable Debug Logging Process Changed!

Angel_Tawade · September 5, 2024, 9:52pm

Description

We are delighted to inform you about the new process for enabling connector logs for ISC. This update is part of our initiative to standardize the method of configuring logging levels per connector, making the process more streamlined!

With the recent enhancement to the logging process, customers can now enable logging exclusively via ISC Rest APIs.

What is the problem ?

Enabling debug logging offers insight into all the Virtual Appliances (VAs) within the cluster, The purpose of the log is to serve as a red flag when something is broken. It enables the quick and effective detection of bugs and vulnerabilities.

While this capability is valuable during troubleshooting of issues related to source connectors., excessive logging can deplete resources, occupy excessive space, and potentially impede the performance of connector.

What is the Solution

Earlier methods for enabling logging in Identity Security Cloud by CCG Enable debug logs by connector, which involves updating the Log4j or Lo4j2 property file with logging classes of the connector to enable detailed logs about the operations the connector is performing, will cease to exist.

Moving forward, the logging functionality will be exclusively configurable through ISC Rest API!

Who is affected?

All ISC customers.

Important Dates

Enable Debug Logging for connector via Rest API is Live Now !!

Customer Communications

SaaS Updates | Developer Community

Note: To enable logs via CCG, Customers can collaborate with their Customer Success Manager (CSM) to enable them for a specific duration.

gmilunich · September 6, 2024, 6:07pm

@Angel_Tawade The link you included in the Compass section back to this page (Developer Community) is wrong, and attempts to go to

https://developer.sailpoint.com/discuss/c/announcements/prod-announcement-drafts/166#[REMOVED]

EDIT: The Link in this article above is wrong as well

Link to Article:

https://community.sailpoint.com/t5/SaaS-Updates-and-Announcements/Enhancement-Enable-Debug-Logging-Process-Changed/ba-p/257903

gmilunich · September 6, 2024, 6:19pm

Does this mean that we can no longer enable this from the VA?

That might break processes/utilities clients have developed for this purpose if that stops working

mpotti · September 10, 2024, 12:53pm

Look forward to building out new processes using the API’s to enable debugging. This will help in being able to speed up the process in tracking down issues in the logs!!!

adamian · September 10, 2024, 1:52pm

Great enhancement!! Delighted to hear that configuration using the log4j was removed!

I wonder if the configuration over the API is working properly now.
We had a ticket opened for a long time with some logs not being properly configured over the API.

Although this has been acknowledged a bug but the fix is in backlog as this seems to be a corner case and is planned to be deployed, fixed in upcoming sprints as we can add the loggers via log4j2.properties.

Since this will take time to have the fix in production, as part of protocol, in this case, we will keep this case archived and you can track the fix via your CSM over email by referencing the id PLTCONN-4941 or can reopen this case by simply replying to the thread and asking for an update.

I also hope SailPoint will take the time to enhance the page CCG Enable Debug Log by Connector - Compass (and similar) by removing obsolete information (mentions to log4j files), to avoid any confusion when people read unsupported examples.

standardize the method of configuring logging levels per connector

Can we update the document not to use beta APIs in order to have a standardized solution?

https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107