This chapter contains the following sections:
The Oracle® Identity Analytics System Log (rbacx.log) captures information that is useful for both troubleshooting and general monitoring purposes. In particular, the System Log captures information about exceptions that arise while running the application.
The system log is located in the $RBACX_HOME/logs folder.
Note:
The $RBACX_HOME environment variable denotes the path to the directory in which the Oracle Identity Analytics 11gR1 software is installed.
Note:
Oracle Identity Analytics writes messages to two other logs: the Audit Event Log and the Import-Export Log.
The Audit Event Log records actions that affect users, such as Add, Modify, and Delete user actions, user password updates, and login and logout actions.
The Import-Export Log records details about import jobs, including user imports, account imports, and glossary imports, and export jobs.
These logs are documented in Chapter 13, "Audit Event Log and Import-Export Log."
This document explains how to configure Oracle Identity Analytics logging.
Oracle Identity Analytics uses a Java™ logging framework called log4j. Oracle Identity Analytics log files are listed in the log4j.properties file, which is located in the $RBACX_HOME/WEB-INF folder. The log4j.properties file is used to configure different logging levels within Oracle Identity Analytics and also to enable and disable logging as needed. Each line in the log4j.properties file corresponds to a component in Oracle Identity Analytics, and each component can output messages to a log.
Note:
If Oracle Identity Analytics is deployed on WebSphere and the system is not writing messages to the System Log file, try the following:
Open the following file in a text editor:
$RBACX_WAR/META-INF/services/org.apache.commons.
logging.LogFactory
Replace the existing value with the following value and save your changes:
org.apache.commons.logging.impl.Log4jFactory
The following table defines the four levels of logging that can be set within log4j for Oracle Identity Analytics components.
Table 15-1 Logging Levels in log4j for Oracle Identity Analytics Components
| Level | Description |
|---|---|
|
FATAL |
This level will record events only if a severe error condition occurs. Use this setting if the minimum amount of logging is desired. |
|
ERROR |
This level will record events if there is an ERROR condition. |
|
WARN |
This is the default level. It records events if potentially harmful situations occur. |
|
DEBUG |
Use this setting if the maximum amount of logging is desired. |
The following table describes the more than two dozen sections that make up the Oracle Identity Analytics log4j.properties file. Set properties in a given section to control logging for individual components. Sections are listed in the table in the same order that they appear in the default Oracle Identity Analytics log4j.properties file. For reference, see Section 15.3.3, "log4j.properties File" at the end of this chapter.
Table 15-2 Configuration Settings in the Oracle Identity Analytics log4j.properties File
| Section | Description |
|---|---|
|
Console Appender |
These properties control how Java console logging events are formatted. Note - These properties apply to the logging format only. |
|
File Appender |
These properties configure the |
|
Tomcat logging |
Configures Tomcat-related logging if Oracle Identity Analytics is deployed to a Tomcat application server. Logs are generated and stored in the $RBACX_HOME |
|
VAAU commons logging |
Configures message logging having to do with component interactions within Oracle Identity Analytics. |
|
Oracle Identity Analytics Core logging |
Configures the logging of core events inside Oracle Identity Analytics. Note - These properties should be changed when troubleshooting in Oracle Identity Analytics. |
|
Oracle Identity Analytics Security logging |
Configures the logging of events related to security in Oracle Identity Analytics. This setting includes user creation and login/logout events in Oracle Identity Analytics. |
|
Oracle Identity Analytics Scheduling logging |
Configures scheduler component logging in Oracle Identity Analytics. Events recorded by the Quartz Job Scheduler component can be configured using this property. |
|
Oracle Identity Analytics ETL |
Configures the logging of events output by the ETL (Extract, Transform, and Load) process inside Oracle Identity Analytics. |
|
Oracle Identity Analytics IAM logging |
Configures the logging of events based on activity between Oracle Identity Analytics and an IAM (Identity Access Management) server. This includes any file-based imports that occur inside Oracle Identity Analytics. |
|
Oracle Identity Analytics Reporting logging |
Configures the logging of events related to the running of reports inside Oracle Identity Analytics. |
|
Oracle Identity Analytics Audit logging |
Configures the logging of auditing events inside Oracle Identity Analytics, such as login/logout events and changes made inside Oracle Identity Analytics. |
|
Oracle Identity Analytics IDC logging |
Configures the logging of events related to the Oracle Identity Analytics Identity Certification component. |
|
System |
Configures the logging of System component events in Oracle Identity Analytics. |
|
Sandbox |
Configures the logging of identity audit (IDA) inside Oracle Identity Analytics. |
|
Workflow |
Configures the logging of Oracle Identity Analytics workflow events. |
|
SqlMap logging configuration |
Configures the logging of events having to do with communications between the database and Oracle Identity Analytics. |
|
Spring Framework |
Configures the logging of events that have to do with the underlying Spring Framework. Oracle Identity Analytics is built using the Spring Framework. Note - These properties should be changed when troubleshooting in Oracle Identity Analytics. |
|
JIAM log |
Configures the logging of events based on activity between a JIAM connection, such as CA-Admin, and Oracle Identity Analytics. |
|
Quartz scheduler |
Configures the logging of events that have to do with the Quartz Job Scheduler that is used in Oracle Identity Analytics. Also see the "Oracle Identity Analytics Scheduling logging" property, above. |
|
DWR |
Configures the logging of events related to the web client (user interface) JSP™ pages. |
|
ehcache |
Configures the logging of events related to the cache on the Oracle Identity Analytics web client (user interface). (Ehcache is a Java cache library that is used in Oracle Identity Analytics.) |
|
CloverETL |
Configures the logging of events related to the CloverETL framework. The CloverETL framework is used in support of the Oracle Identity Analytics ETL (extract, transform, load) functionality. |
|
C3pO |
Configures the logging of events related to the c3p0 library. Oracle Identity Analytics uses the c3pO library to support common database pooling. |
|
JasperReports |
Configures the logging of events related to the JasperReports library. Oracle Identity Analytics uses the JasperReports library to create and output reports. |
This section provides a sample log4j.properties file.
log4j.rootLogger=INFO, file
# Console Appender
log4j.appender.console=org.apache.log4j.ConsoleAppender
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern=%d{ABSOLUTE} %-5p [%c{1}] %m%n
# File Appender
log4j.appender.file=org.apache.log4j.DailyRollingFileAppender
log4j.appender.file.file=logs/rbacx.log
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %-5p [%c{1}] %m%n
log4j.appender.file.ImmediateFlush=true
log4j.appender.file.DatePattern='.'yyyy-MM-dd
# Tomcat logging
log4j.logger.org.apache.catalina=WARN
# DON'T EDIT FOLLOWING
log4j.logger.com.vaau.commons.springframework.context.ContextLifecycleListener=INFO
#VAAU commons logging
log4j.logger.com.vaau.commons=WARN
#RBACx Core logging
log4j.logger.com.vaau.rbacx= WARN
log4j.logger.com.vaau.rbacx.core= WARN
log4j.logger.com.vaau.rbacx.service= WARN
log4j.logger.com.vaau.rbacx.manager= WARN
# RBACx Security logging
log4j.logger.com.vaau.rbacx.security=WARN
#RBACx Scheduling logging
log4j.logger.com.vaau.rbacx.scheduling=DEBUG
# RBACx ETL
log4j.logger.com.vaau.rbacx.etl.manager=WARN
#RBACx IAM logging
log4j.logger.com.vaau.rbacx.iam= DEBUG
#RBACx Reporting logging
log4j.logger.com.vaau.rbacx.reporting=WARN
#RBACx Audit logging
log4j.logger.com.vaau.rbacx.audit=WARN
# RBACx IDC logging
log4j.logger.com.vaau.rbacx.idc=WARN
# SYSTEM
log4j.logger.com.vaau.rbacx.system=DEBUG
# Sandbox
log4j.logger.com.vaau.rbacx.sandbox.ida=WARN
log4j.logger.com.vaau.rbacx.sandbox.rme=WARN
# Workflow
log4j.logger.com.vaau.rbacx.workflow=WARN
log4j.logger.com.opensymphony.workflow.AbstractWorkflow=ERROR
# SqlMap logging configuration. Change WARN to DEBUG if want to see all sql statements
log4j.logger.com.ibatis=WARN
log4j.logger.com.ibatis.common.jdbc.SimpleDataSource=WARN
log4j.logger.com.ibatis.common.jdbc.ScriptRunner=WARN
log4j.logger.com.ibatis.sqlmap.engine.impl.SqlMapClientDelegate=WARN
log4j.logger.org.springframework.jdbc.datasource.DataSourceTransactionManager=WARN
log4j.logger.java.sql.Connection=WARN
log4j.logger.java.sql.Statement=WARN
log4j.logger.java.sql.PreparedStatement=WARN
#Spring Framework
log4j.logger.org.springframework=WARN
log4j.logger.org.springframework.rules.values=WARN
log4j.logger.org.springframework.context.support=WARN
log4j.logger.org.springframework.transaction=WARN
log4j.logger.org.springframework.aop.interceptor=WARN
log4j.logger.org.springframework.security=WARN
log4j.logger.org.springframework.security.event.authentication.LoggerListener=FATAL
# For Trace Logging change them TRACE
log4j.logger.org.springframework.aop.interceptor.PerformanceMonitorInterceptor=WARN
log4j.logger.org.springframework.aop.interceptor.CustomizableTraceInterceptor=WARN
##JIAM log
log4j.category.com.ca=WARN
#log4j.category.com.ca.commons.jndi=DEBUG
#Quartz scheduler
log4j.logger.org.quartz=WARN
#DWR
log4j.logger.uk.ltd.getahead.dwr=FATAL
log4j.logger.org.directwebremoting=FATAL
#ehcache
log4j.logger.net.sf.ehcache=ERROR
#CloverETL
log4j.logger.org.jetel=ERROR
#C3p0
log4j.logger.com.mchange=ERROR
# JasperReports
log4j.logger.net.sf.jasperreports=ERROR
log4j.logger.com.vaau.rbacx.search=WARN
log4j.logger.com.vaau.commons.search=WARN