Configuring filtered logging
PingAuthorize Server provides a mechanism to filter access log messages based on specific criteria.
About this task
You can use the filtered log with a custom log publisher to create and generate your own custom logs. Adding new filtered logs and associated publishers doesn’t change the behavior of any existing logs. For example, adding a new log that only contains operations that were unsuccessful doesn’t result in those operations being removed from the default access log.
The following example shows how to create a set of criteria that matches any operation that didn’t complete successfully. It then explains how to create a custom access log publisher that logs only operations matching those criteria.
This log does not include messages for connects or disconnects, and only a single message is logged per operation. This message contains both the request and result details.
To run log filtering based on any operation result, such as result code, processing time, and response controls, turn off request logging and set the include-request-details-in-result-messages property to TRUE.
Because filtering based on the results of an operation can’t be done until the operation completes, the server can’t tell at request time whether to log the request. Therefore, it might log request messages but not log any result messages. If you log only result messages and include request details in the result messages, then only messages for operations that match the result criteria are logged. All pertinent information about the corresponding requests is included.
Steps
- Use the dsconfig command in non-interactive mode to create a result criteria object set to failure-result-codes, a predefined set of result codes that indicate when an operation didn’t complete successfully.
  Example:
  $ bin/dsconfig create-result-criteria --type simple \
      --criteria-name "Failed Operations" --set result-code-criteria:failure-result-codes
- Use dsconfig to create the corresponding log publisher that uses the result criteria. The log rotation and retention policies are also set with this command.
  Example:
  $ bin/dsconfig create-log-publisher \
      --type file-based-access \
      --publisher-name "Filtered Failed Operations" \
      --set enabled:true \
      --set log-connects:false \
      --set log-disconnects:false \
      --set log-requests:false \
      --set "result-criteria:Failed Operations" \
      --set log-file:logs/failed-ops.log \
      --set include-request-details-in-result-messages:true \
      --set "rotation-policy:7 Days Time Limit Rotation Policy" \
      --set "retention-policy:Free Disk Space Retention Policy"
- View the failed-ops.log in the logs directory and verify that only information about failed operations was written to it.
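One way to automate the verification in the last step, as an added example that is not part of the PingAuthorize documentation. It assumes each log line has the shape `[timestamp] OPERATION TYPE key=value ...` with `conn`, `op` and `resultCode` fields and `CONNECT`, `DISCONNECT`, `REQUEST` and `RESULT` message types. Because the page doesn't list the contents of failure-result-codes, the set of non-failure codes is a parameter that defaults to 0 only.

```python
import re
from itertools import takewhile

# Assumed line shape (not taken from the page): "[timestamp] OP TYPE key=value ..."
LINE = re.compile(r'^\[[^\]]+\]\s+(.+)$')
QUOTED = re.compile(r'"(?:[^"\\]|\\.)*"')
FIELD = re.compile(r'(?<!\S)(conn|op|resultCode)=(-?\d+)(?!\S)')

def audit_failed_ops_log(lines, non_failure_codes=frozenset({0})):
    """Return (line_number, reason) for each line that breaks the publisher's settings."""
    findings, seen_ops = [], set()
    for number, raw in enumerate(lines, start=1):
        match = LINE.match(raw.strip())
        if not match:
            if raw.strip():
                findings.append((number, "unparsed line"))
            continue
        # Blank quoted values before reading fields: request details share the
        # line with the result, so client input could contain "resultCode=49".
        body = QUOTED.sub('""', match.group(1))
        head = list(takewhile(lambda token: "=" not in token, body.split()))
        kind = head[-1] if head else ""
        fields = dict(FIELD.findall(body))
        if kind in ("CONNECT", "DISCONNECT"):
            findings.append((number, "connection message"))  # log-connects/log-disconnects:false
        elif kind == "REQUEST":
            findings.append((number, "request message"))     # log-requests:false
        elif kind != "RESULT":
            findings.append((number, "unexpected message type"))
        elif "resultCode" not in fields:
            findings.append((number, "result without resultCode"))
        elif int(fields["resultCode"]) in non_failure_codes:
            findings.append((number, "non-failure result code"))
        else:
            op_id = (fields.get("conn"), fields.get("op"))
            if None not in op_id and op_id in seen_ops:
                findings.append((number, "second message for one operation"))
            seen_ops.add(op_id)
    return findings

# Constructed sample lines, not real server output.
SAMPLE = [
    '[01/Jan/2024:10:00:00.000 +0000] SEARCH RESULT conn=7 op=1 resultCode=32 etime=0.412',
    '[01/Jan/2024:10:00:01.000 +0000] CONNECT conn=8 from="192.0.2.10"',
    '[01/Jan/2024:10:00:02.000 +0000] BIND REQUEST conn=8 op=0 dn="uid=a,dc=example,dc=com"',
    '[01/Jan/2024:10:00:03.000 +0000] SEARCH RESULT conn=8 op=1 resultCode=0 etime=0.2 filter="(cn=a resultCode=49 )"',
    '[01/Jan/2024:10:00:04.000 +0000] SEARCH RESULT conn=7 op=1 resultCode=32 etime=0.412',
]
```

An empty return value from `audit_failed_ops_log(open("logs/failed-ops.log"))` means every line is a single result message with a failure code; pass a larger `non_failure_codes` set if your deployment treats other codes as non-failures.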