When diagnosing a problem, you may not want detailed logs for every operation that a component performs.
For example, to diagnose slow response times for requests that an Identity Server submits to its directory, you would want detailed information on LDAP operations and fewer details about other types of operations.
As of release 10.1.4.2, you can configure per-module or per-function threshold levels in the log configuration file, so that Access Manager generates detailed logs for some components while generating concise logs, or no logs, for others.
You configure per-module logging thresholds in a MODULE_CONFIG
section in the oblog_config_wg.xml file. The MODULE_CONFIG
section overrides the global default that you specify on the LOG_THRESHOLD_LEVEL
in the simple list section of this file.
The rest of this section discusses the following topics:
In addition to the global threshold, the configuration file can contain a ValNameList
that defines function- or module-specific log thresholds. The name of this list is always MODULE_CONFIG
.
As described in "Structure and Parameters of the WebGate Log Configuration File", in the log configuration file you configure a global logging threshold. The following is an example of the global LOG_THRESHOLD_LEVEL
setting:
<SimpleList> <NameValPair ParamName="LOG_THRESHOLD_LEVEL" Value="LOGLEVEL_WARNING" /> . . . </SimpleList>
Only one instance of MODULE_CONFIG
is permitted in the log configuration file, and the information in the list applies to all log writers defined in the file. As of release 10.1.4.2, the default log configuration file contains a commented sample of the MODULE_CONFIG
list.
Each item in the MODULE_CONFIG
list sets a logging level for a module, as shown in the following example:
<ValNameList xmlns="http://www.oblix.com" ListName="MODULE_CONFIG"> <NameValPair ParamName="LDAP" Value="LOGLEVEL_TRACE"></NameValPair> <NameValPair ParamName="DB_RUNTIME" Value="LOGLEVEL_TRACE"></NameValPair></ValNameList>
The elements in this section are as follows:
The ValNameList
tag delimits the list of per-module logging thresholds.
One NameValPair
tag delimits each specific per-module logging threshold.
The ParamName
parameter sets the name of a module or function.
See Table 9-8 for a list of valid values.
The Value
parameter sets the logging threshold for the module that you specify as a value for the ParamName
parameter.
Table 9-1 lists the permissible values for the Value
parameter. In addition to these values, you can specify the value ON
to enable logging for the module and a value of OFF
to disable logging for the specific module.
The following sections contain more information.
You add the per-module logging threshold section near the end of the log configuration file, after the closing tag for the compound list for the log-handlers and before the closing tag for the first compound list in the file.
This section contains an example of the per-module logging section. See "Configuring a Log Level Threshold for a Function or Module" for details.
You can specify values for the ParamName
parameter in the MODULE_CONFIG
list.
Table 9-8 describes the a partial list of values that can be logged.
Table 9-8 ParamName Values You Can Configure for Per-Module Logging Threshold
ParamName Value | Logging Threshold That This Parameter Sets |
---|---|
|
Sets a logging threshold for triggered actions that are configured as part of a policy in the OAM Server. <ValNameList xmlns="http://www.oblix.com" ListName="MODULE_CONFIG"> <NameValPair Paramname="AAA_ACTIONS" Value="OFF"> </NameValPair> |
|
Sets a logging threshold for activity performed by the Access Manager engine. |
|
Sets a logging threshold for all OAM Server activities related to determining if a resource operation is protected. |
|
Sets a logging threshold for operations performed by an access client, that is, an Access Client or Webgate. |
|
Sets a logging threshold for operations performed by an Access Client. |
|
Sets a logging threshold for operations performed by the Access Manager SDK interface. See the Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details. |
|
Sets a logging threshold for operations performed in the OAM Server. |
|
Sets a logging threshold for the Access Manager SDK. See the Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details. |
|
Sets a logging threshold for auditing. See Auditing Administrative and Run-time Events for details. |
|
Sets a logging threshold for user authentication operations. |
|
Sets a logging threshold for authentication scheme management. |
|
Sets a logging threshold for operations performed by an authentication plug-in. |
|
Sets a logging threshold for user authorization operations. |
|
Sets a logging threshold for authorization scheme management. |
|
Sets a logging threshold for authorization plug-in operations. |
|
Sets a logging threshold for cache management and operations on the caches. |
|
Sets a logging threshold for connection management. |
|
Sets a logging threshold for connection run time. |
|
Sets a logging threshold for client-sever connectivity and messaging. |
|
Sets a logging threshold for the data store interface layer configuration. |
|
Sets a logging threshold for the data store interface layer run time. |
|
Sets a logging threshold for the diagnostic framework. |
|
Sets the threshold for logging accesses of Group Manager data in the directory. |
|
Sets the threshold for logging Group Manager operations. |
|
Sets the threshold for logging HTTP request processing. |
|
Sets the threshold for logging IDXML operations. See the Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details. |
|
Sets a logging threshold for LDAP SDK, for example: <ValNameList xmlns="http://www.oblix.com" ListName="MODULE_CONFIG"> <NameValPair Paramname="LDAP" Value="LOGLEVEL_TRACE"> </NameValPair> |
|
Sets a logging threshold for network APIs. |
|
Sets a logging threshold for |
|
Sets a logging threshold for the Identity client. |
|
Sets a logging threshold for policy and policy domain management. |
|
Sets a logging threshold for Identity Event Plug-in API operations. See the Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details. |
|
Sets a logging threshold for Query Builder operations. |
|
Sets a logging threshold for the security and encryption library. |
|
Sets a logging threshold for Selector operations. |
|
Sets a logging threshold for server infrastructure. |
|
Single sign-on token management. |
|
Sets a logging threshold for utility classes. |
|
Sets a logging threshold for the Web server plug-in interface. |
|
Sets a logging threshold for the XML Infrastructure. |