Agent inventory logging - PingAccess

Agent inventory logging - PingAccess - 6.3

PingAccess

bundle

pingaccess-63

ft:publication_title

PingAccess

Product_Version_ce

PingAccess 6.3

category

Product

pa-63

pingaccess

ContentType_ce

To log details about your PingAccess agents, you can add custom configuration to the agents and the PingAccess system.

Agent information other than the agent name is not included in agent responses by default. You can customize agents to include the agent header, providing additional information that can be included in logs.

Note:

See the corresponding Configuration page in the PingAccess Agents and Integrations documentation for the appropriate agent version for your product.

You must edit the /conf/log4j2.xml file to log the information included in the agent header by setting the agent.send.inventory parameter to true, and then modify the log4j2.xml file with | %agent{h} | %agent{t} | %agent{v}.

Original Log4j2.xml snippet:


<!-- | %agent{h}-->
<!-- | %agent{t}-->
<!-- | %agent{v}-->
<RollingFile name="AgentAuditLog-File"
fileName="${sys:pa.home}/log/pingaccess_agent_audit.log"
filePattern="${sys:pa.home}/log/pingaccess_agent_audit.%d{yyyy-MM-dd}.log"
ignoreExceptions="false">
<PatternLayout>
<!-- Uncomment this if you want to use UTF-8 encoding instead of system's default encoding. -->
<!--
<charset>UTF-8</charset>
-->
<pattern>%d{ISO8601}| %X{exchangeId}| %X{AUDIT.trackingId}| %agent{h}
| %X

{AUDIT.roundTripMS} ms| %X{AUDIT.resource}| %X{AUDIT.client}| %X{AUDIT.method}| %X{AUDIT.requestUri}| %X{AUDIT.responseCode}| %X{AUDIT.applicationName}| %X{AUDIT.resourceName}| %X{AUDIT.pathPrefix} %n</pattern>
</PatternLayout>
<Policies>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>

Modified log4j2.xml, where the <pattern> in the above example should include the keys v, t, and h:

<pattern>%d{ISO8601}| %X{exchangeId}| %X{AUDIT.trackingId}| %agent{h} | %X{AUDIT.roundTripMS}
ms| %X

{AUDIT.resource}
| %X

{AUDIT.client}
| %X

{AUDIT.method}
| %X

{AUDIT.requestUri}
| %X

{AUDIT.responseCode}
| %X

{AUDIT.applicationName}
| %X

{AUDIT.resourceName}
| %X

{AUDIT.pathPrefix}
| %agent

{h}
| %agent

{t}
| %agent

{v}
%n</pattern>

Agent Header

The optional vnd-pi-agent header allows the agent to communicate information about itself and its deployment environment to PingAccess. The value of this header is a map of comma-separated key-value pairs.

The agent can specify the custom keys specific to the deployment of the agent or utilize one or more of the well-known keys:

v: The version of the agent making the request.
t: The type of agent and/or the type of platform where the agent resides.
h: The hostname of the server where the agent resides.

Note:

For more information on security audit logging, see Security audit logging.

The syntax for the vnd-pi-agent value conforms to a dictionary in this specification, https://httpwg.org/http-extensions/draft-ietf-httpbis-header-structure.html#dictionary, where member-values are constrained to be an sh-string item.

These header examples are considered semantically equivalent.

vnd-pi-agent: v="1.0.0", h="apache.example.com", t="Apache 2.4.41"

vnd-pi-agent: v="1.0.0", h="apache.example.com"
vnd-pi-agent: t="Apache 2.4.41"

vnd-pi-agent: v="1.0.0"
vnd-pi-agent: h="apache.example.com"
vnd-pi-agent: t="Apache 2.4.41"

For more information about agent headers, see PAAP agent request.