PingDirectory

Types of log publishers

The PingDirectory server provides several classes of log publishers for parsing, aggregating, and filtering information events that occur during normal processing in the server.

There are three primary types of log publishers:

  • Access log publishers

  • Debug log publishers

  • Error log publishers

Each type has multiple subtypes of log files based on the log server type.

Access log publishers

Access log publishers provide the requests received and the responses returned by the PingDirectory server. This information can be used to understand the operations performed by clients and to debug problems with the client applications. It can also be used for collecting usage information for performance and capacity planning purposes.

For information on tools that can analyze the access log to provide summaries of LDAP activity and performance, see Monitoring PingDirectory metrics with Splunk and the summarize-access-log tool description in Available command-line tools.

Access log type Description

File-based audit log

Special type of access logger that provides detailed information about changes processed within the server.

Disabled by default.

Data Recovery Log

Publishes information about each write operation processed in the server in a manner that allows those changes to be reverted or replayed (in conjunction with the extract-data-recovery-log-changes tool) if data recovery is needed.

You can find this log publisher in the <pd_install>/logs/data-recovery/data-recovery directory.

JDBC-based access log

Stores access log information using a Java Database Connectivity (JDBC) database connection.

Disabled by default.

File-based access logs

Provides a character-based stream used by TextWriter publishers as a target for outputting log records. There are several types of file-based access loggers:

Admin Alert Access Log

Generates administrative alerts for any operations that match the criteria for this access logger. Disabled by default.

File-based Access Log

Publishes access log messages to the file system. Enabled by default.

You can find this log publisher in the <pd_install>/logs/access directory.

Syslog-based Access Log

Publishes access log messages to a syslogd port. Disabled by default.

Expensive-Operations Access Log

Publishes only those access log messages of operations that take longer than 1000 milliseconds. Disabled by default.

You can find this log publisher in the <pd_install>/logs/expensive-ops directory.

Failed-Operations Access Log

Publishes only those access log messages of operations that failed for any reason. Enabled by default.

You can find this log publisher in the <pd_install>/logs/failed-ops directory.

Successful Searches with No Entries Returned Log

Publishes only those access log messages of search operations that failed to return any entries. Disabled by default.

JSON Access Logger

Publishes JSON-formatted access log messages to the file system.

You can find this log publisher in the <pd_install>/logs/access.json directory.

Console JSON Access Logger

Publishes JSON-formatted access log messages to the Java virtual machine (JVM)'s standard output or standard error stream.

This log publisher is only recommended when the server is run in no-detach mode and is best suited for use in Docker or other containers that can capture log content written to standard output or standard error.

Third-Party Access Log Publisher

Publishes access log messages using a custom log publisher created using the Server SDK.

Third-Party File-Based Access Log Publisher

Publishes access log messages to a file using a custom log publisher created using the Server SDK, including enhanced support for log file rotation and retention.

HTTP operation log publishers

Common Log File HTTP Operation Log Publisher

Publishes information about HTTP requests in the W3C common log format.

HTTP Detailed Access

Publishes detailed information about HTTP requests processed by the server.

You can find this log publisher in the <pd_install>/logs/http-detailed-access directory.

Debug log publishers

Debug log publishers provide information about warnings, errors, or significant events that occur within the server.

Debug log type Description

Debug loggers

Debug ACI Logger

Stores debug information on access control instruction (ACI) evaluation for any request operations against the server.

You can find this log publisher in the <pd_install>/logs/debug-aci directory.

Server SDK Extension Debug Logger

Provides simplified access to debug messages generated by Server SDK extension.

You can find this log publisher in the <pd_install>/logs/server-sdk-extension-debug directory.

Error log publishers

The Error log reports errors, warnings, and informational messages about events that occur during the course of the server’s operation.

Error log type Description

File-based error logs

There are several types of File-based error logs:

Error log

Publishes error messages to the file system. Enabled by default.

You can find this log publisher in the <pd_install>/logs/errors directory.

Replication log

Publishes replication error messages to the file system. Enabled by default.

You can find this log publisher in the <pd_install>/logs/replication directory.

JSON Error Logger

Publishes JSON-formatted error log messages to the file system.

You can find this log publisher in the <pd_install>/logs/errors.json directory.

Console JSON Access Logger

Publishes JSON-formatted access log messages to the JVM’s standard output or standard error stream.

This log publisher is only recommended when the server is run in no-detach mode and is best suited for use in Docker or other containers that can capture log content written to standard output or standard error.

Third-Party Error Log Publisher

Publishes error log messages using a custom log publisher created using the Server SDK.

Third-Party File-Based Error Log Publisher

Publishes error log messages to a file using a custom log publisher created using the Server SDK, including enhanced support for log file rotation and retention.

JDBC-based error logs

Stores error log information using a JDBC database connection. Disabled by default.

Syslog-based error logs

Publishes error messages to a syslog port.