Skip to content

Loggers

Logger is a system module that sends information about system events (such as creating an asset) to external media. The event record includes the following event data in Common Events Format (CEF):

  • Issuer URL of the event
  • Vendor and the product of the event issuer
  • Product version
  • Event Level (TRACE, DEBUG, INFO, WARN or ERROR)
  • Event Category (Create Asset, Login, etc)
  • Node originating the event
  • User originating the event
  • Object of the event (Asset, Principal, etc)
  • Unique Event Object ID
  • IP address of the event originator
  • Tenant originating the event
  • Event message with additional information

The system supports the following loggers types:

  • Console - Console logger prints events on the system console when the application is run from the command line. When the application is run on a Linux platform the events printed on the console are captured in the catalina.out file in the $HOME/web/logs folders.
  • File - File logger prints events in the specified file. File logger supports log file archiving based on several conditions as well as deletion of the old archives.
  • Syslog - Syslog logger streams log records over the network to syslog servers using UDP or TCP protocols.

Note

Logger configuration is available for base tenants only. Enabled logger configuration affects all tenants in the system, with the exception of the filter rules.

Typical uses of the logger configuration are outlined below:

  • Stream all system events (or events generated by certain tenants) to an external SIEM system.
  • Change location of the log file to the location outside of the installation $HOME directory.
  • Segregate events generated by certain tenants into separate files.
  • Enable debug or trace logging for certain modules of the system to troubleshoot specific functionality.

Event Filtering

All loggers support event filtering by tenant or message search conditions and for the specified Event Level by the module originating the event. To enable logging for the whole application use the module com.otna in the required event level field. To filter the specific module use the module name* as provided by vendor support or as found in the resulting log file.

If no console logger is configured, the system will automatically create one with default settings and if any console loggers are configured, they will override the default logger’s parameters. If you need to create a console logger with specific filters, remember that the default console logger must be created separately if needed.

In the absence of any configured file logger the system creates a default file logger with default parameters. Any configured file logger (or several of them) overwrites parameters of the default file logger. Note that when creating a file logger with filter or another file location the default file logger needs to be created separately is required.

Note

Disabled loggers are not used by the system, but it allows saving certain logger configurations for future use when needed (for example, to troubleshoot the application or a specific behavior).