Enabling debug logging
To help with troubleshooting or monitoring, you can turn on activity logging for PingFederate, the ForgeRock Intelligent Access IdP Adapter, or both.
About this task
You can use logging for troubleshooting and analytics.
Learn more about logging in Enabling debug messages and console logging in the PingFederate documentation.
Steps
-
Open the
<pf_install>/pingfederate/server/default/conf/log4j2.xml
file for editing. -
To log activity for PingFederate and all adapters:
-
Find the following section:
<AsyncRoot level="INFO" includeLocation="false"> <!-- <AppenderRef ref="CONSOLE" /> --> <AppenderRef ref="FILE" /> </AsyncRoot>
-
Change
INFO
toDEBUG
:<AsyncRoot level="DEBUG" includeLocation="false"> <!-- <AppenderRef ref="CONSOLE" /> --> <AppenderRef ref="FILE" /> </AsyncRoot>
-
Optional: To see the adapter activity in the console, remove the comment tags that surround the
CONSOLE
line:<AsyncRoot level="INFO" includeLocation="false"> <AppenderRef ref="CONSOLE" /> <AppenderRef ref="FILE" /> </AsyncRoot>
-
-
To log activity relating to the ForgeRock Intelligent Access IdP Adapter:
Choose from:
-
To log activity for the ForgeRock Intelligent Access IdP Adapter as well as its HTTPS and component activity, add the following line:
<Logger name="com.pingidentity.adapters.forgerock" level="DEBUG"/>
-
To log activity for the adapter’s HTTPS activity and other components but not for the adapter itself, add the following line:
<Logger name="com.pingidentity.adapters.forgerock.shade" level="DEBUG"/>
-
To log activity for the ForgeRock Intelligent Access IdP Adapter but not its HTTPS or component activity, add the following lines:
<Logger name="com.pingidentity.adapters.forgerock" level="DEBUG"/> <Logger name="com.pingidentity.adapters.forgerock.shade" level="INFO"/>
-
-
Save the file.