Writing LogRecords To A Log File or Table

LogSample.java takes several command-line arguments, authenticates with the Access Manager server, creates a LogRecord, then logs the log record to the specified log file or table. The Access Manager Logging Service determines whether the log records go to a flat file or to a relational database management system (RDBMS), according to the service configuration. The following example command line uses the LogSample script:

./RunSample -o dc=iplanet,dc=com -u amadmin -p mypassword -n mylog \
            -m "my message to log in mylog" -l user1 -w user1password

In LogSample.java, the command-line arguments are read. The following arguments are used to acquire the SSOToken that is specified in invoking the LogRecord(loglevel, message, token) method:

-o

organization name

-u

userID

-p

userID password

The Logging Service extracts other pieces of information from this userID SSOToken when processing the LogRecord request. Ideally, the userID specified is the user who is the subject of the record being logged. The -m (message) argument is also used in the LogRecord call.

userToken =getSessionToken(orgname, args[userSID], args[userPWD]); 
logRecord = new LogRecord(java.util.logging.Level.INFO, args[message], userToken); 
logRecord.addLogInfo("ModuleName", "MyModule");

MyModule is added as the ModuleName property is added to the LogRecord using the addLogInfo() call. The -n (log name) argument is used in the Logger.getLogger(logname) call. The -l (logged by userID) and -w (logged by userID's password) are used to get the SSOToken specified in the logger.log(logRecord, loggedByToken) call. Where the userID associated with the LogRecord SSOToken is usually the subject of the log record, the userID associated with the log() SSOToken is the user doing the logging. In the actual log file, the values for the log record fields come from the following parameters:

time

added by the Logging Service, and is taken from the Access Manager system clock when the LogRecord is instantiated.

Data

The message as specified in the LogRecord() call. In LogSample.java, the value after the -m option: my message to log in mylog.

ModuleName

The value specified for the ModuleName property (or LogConstants.MODULE_NAME property in the addLogInfo() call. If no value is specified, this field will read:Not Available .

MessageID

The value specified for theMessageID property (or LogConstants.MESSAGE_ID property in an addLogInfo() call. If no value is specified, this field will read: Not Available. LogSample.java does not add a value for this property.

Domain

The value for this field is extracted from the SSOToken specified in the LogRecord() call. This corresponds to the subject, userID's domain, or organization.

ContextID

The value for this field is extracted from the SSOToken specified in the LogRecord() call.

LogLevel

The value specified in the LogRecord() call. In LogSample.java, the value is java.util.logging.Level.INFO (INFO in the log file).

LoginID

The value for this field is extracted from the SSOToken specified in the LogRecord()call. For example, the value can be the DN for the userID specified in the -u command-line option.

IPAddr

The value for this field is extracted from the SSOToken specified in the LogRecord() call.

LoggedBy

The value for this field is extracted from the SSOToken specified in the logger.log() call. For example, the value can be the DN for the userID specified in the -l command-line option.

HostName

The value for this field is extracted from the SSOToken specified in the LogRecord() call. The value is the host name that corresponds to the address in the IPAddr field, if it can be resolved.