PingAccess

Enabling sideband client traffic logging

Enable sideband client audit logging, including transactions sent to or from the sideband client integration.

Steps

  1. Edit the PA_HOME/conf/log4j2.xml file.

  2. In the Logger section, uncomment the AppenderRef element for the sideband client audit log HAR file.

    Example:

           <!-- Audit Log Configuration-->
            ...
            <Logger name="sidebandclientaudit" level="INFO" additivity="false">
                <AppenderRef ref="SidebandClientAuditLog-File"/>
                <!--<AppenderRef ref="SidebandClientAuditLog-Database-Failover"/>-->
                <!--<AppenderRef ref="SidebandClientAuditLog-SQLServer-Database-Failover"/>-->
                <!--<AppenderRef ref="SidebandClientAuditLog-PostgreSQL"/>-->
                <!--<AppenderRef ref="SidebandClientAudit2Splunk"/>-->
                <AppenderRef ref="SidebandClientAuditLog-HarFile"/>
            </Logger>
  3. In the Appenders section, uncomment the RollingFile element for the engine audit log HAR file.

    Example:

        <Appenders>
            ...
            <RollingFile name="SidebandClientAuditLog-HarFile"
                         fileName="${sys:pa.home}/log/pingaccess_sideband_client_audit_har.log"
                         filePattern="${sys:pa.home}/log/pingaccess_sideband_client_audit_har.%d{yyyy-MM-dd}.log"
                         ignoreExceptions="false">
                <StatusCodeRegExFilter regex="5.."/>
                <HarLogLayout clientBodySizeLimit="16384" appBodySizeLimit="16384">
                    <KeyValuePair key="AUDIT.metadata" value="true"/>
                    <KeyValuePair key="AUDIT.http-client" value="true"/>
                    <KeyValuePair key="AUDIT.http-app" value="true"/>
                </HarLogLayout>
                <Policies>
                    <TimeBasedTriggeringPolicy />
                </Policies>
            </RollingFile>
            ...
        </Appenders>
  4. Optional: To filter the entries to add to the log file, edit the value of the StatusCodeRegExFilter element.

  5. Optional: To specify what information to log, add or edit the values in the HarLogLayout section of the RollingFile element.

    You can add or edit metadata, client response, and app response values. For more information, see Traffic logging reference.

Result

Logging begins when the configuration reloads. The configuration reloads at regular intervals according to the monitorInterval value.