Example HTTP log publishers - PingDirectory - 9.2

PingDirectory 9.2

bundle
pingdirectory-92
ft:publication_title
PingDirectory 9.2
Product_Version_ce
PingDirectory 9.2
category
Product
pd-92
pingdirectory
ContentType_ce

When troubleshooting HTTP connection handler issues, start with the logs to determine any potential problems.

The following examples walk you through how to use various dsconfig commands and their associated options to configure log files to use for troubleshooting connection handler issues.

The following section shows some dsconfig commands and their corresponding log files.

  • To configure a default detailed HTTP Log Publisher with default log rotation and retention policies, use the create-log-publisher option with dsconfig.
    $ bin/dsconfig create-log-publisher \
      --publisher-name "HTTP Detailed Access Logger" \
      --type detailed-http-operation \
      --set enabled:true \
      --set log-file:logs/http-detailed-access \
      --set "rotation-policy:24 Hours Time Limit Rotation Policy" \
      --set "rotation-policy:Size Limit Rotation Policy" \
      --set "retention-policy:File Count Retention Policy" \
      --set "retention-policy:Free Disk Space Retention Policy" \
      --set "retention-policy:Size Limit Retention Policy"

    The corresponding log file provides access information below. The log message contains the following elements:

    • The time that the request was received
    • The request ID issued by the client, including the IP address, port, HTTP method, and URL
    • The authorization type, request content type, and status code
    • The response content length
    • The redirect URI
    • The response content type

    The HTTP log file shows the following.

    [23/Feb/2012:01:19:45 -0600] RESULT requestID=4300604 from="10.5.1.10:53269" 
    method="GET" url="https://10.5.1.129:443/Gimel/Users/uid=user.402914,ou=People,
    dc=gimel" authorizationType="Basic" requestContentType="application/json" 
    statusCode=200 etime=4.145 responseContentLength=1530 redirectURI="https://
    x2270-11.example.lab:443/Gimel/Users/uid=user.402914,ou=people,dc=gimel" 
    responseContentType="application/json"
    [23/Feb/2012:01:19:45 -0600] RESULT requestID=4300605 from="10.5.1.10:53269" 
    method="PUT" url="https://10.5.1.129:443/Gimel/Users/uid=user.207585,ou=people,
    dc=gimel" authorizationType="Basic" requestContentType="application/json" 
    statusCode=200 etime=4.872 responseContentLength=1532 redirectURI="https://
    x2270-11.example.lab:443/Gimel/Users/uid=user.207585,ou=people,dc=gimel" 
    responseContentType="application/json"
    [23/Feb/2012:11:31:18 -0600] RESULT requestID=4309872 from="10.5.1.10:3
  • To configure a detailed HTTP Log Publisher with request and response header names and values, including the Content-Type request header, use the set-log-publisher-prop option with dsconfig.
    Note:

    The Content-Type request header is suppressed by default.

    $ bin/dsconfig set-log-publisher-prop \
      --publisher-name "HTTP Detailed Access Logger" \
      --set log-request-headers:header-names-and-values \
      --remove suppressed-request-header-name:Content-Type \
      --set log-response-headers:header-names-and-values

    The following is a log example of a query request by a SCIM Server using the property, scim-query-rate. The log message contains the basic log elements shown in the first example plus the following additional information:

    • The request header for the host, HTTP method, content type, connection, user agent
    • The response header for the access-control credentials
    [23/Oct/2012:11:39:41-0600] RESULT requestID=4665307 from="10.5.0.20:56044" 
    method="GET" url="https://10.5.1.129:443/Beth/Users?attributes=userName,title,
    emails,urn:scim:schemas:extension:custom:1.0:descriptions,urn:scim:schemas:
    extension:enterprise:1.0:manager,groups,urn:scim:schemas:extension:custom:1.0:
    blob&filter=userName+eq+%22user.18935%22" requestHeader="Host: x2270-11.example.
    lab:443" requestHeader="Accept: application/json" requestHeader="Content-Type:
    application/json" requestHeader="Connection: keep-alive" 
    requestHeader="User-Agent: Wink Client v1.1.2" authorizationType="Basic" 
    requestContentType="application/json" statusCode=200 etime=140.384 
    responseContentLength=11778 responseHeader="Access-Control-Allow-Credentials: 
    true" responseContentType="application/json"

    Another log example shows an example user creation event. The client is curl.

    [23/Oct/2016:11:50:11-0600] RESULT requestID=4802791 from="10.8.1.229:52357"
    method="POST" url="https://10.2.1.113:443/Aleph/Users/" requestHeader="Host: x2270-
    11.example.lab" requestHeader="Expect: 100-continue" requestHeader="Accept: applica-
    tion/xml" requestHeader="Content-Type: application/xml" requestHeader="User-Agent:
    curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5"
    authorizationType="Basic" requestContentType="application/xml" requestContent-
    Length=1773 statusCode=201 etime=11.598 responseContentLength=1472 redirec-
    tURI="https://x2270-11.example.lab:443/Aleph/Users/b2cef63c-5e46-11e1-974b-
    60334b1a0d7a" responseContentType="application/xml"

    The final example shows a user deletion request. The client is the Sync Server.

    [23/Oct/2016:11:38:06-0600] RESULT requestID=4610261 from="10.5.1.114:34558"
    method="DELETE" url="https://10.2.1.113:443/Aleph/Users/b8547525-24e0-41ae-b66b-
    0b441800de70" requestHeader="Host: x2270-11.example.lab:443" requestHeader="Accept:
    application/json" requestHeader="Content-Type: application/json" requestHeader="Con-
    nection: keep-alive" requestHeader="User-Agent: DataSync-6.0.0.0 (Build
    20121022173845Z, Revision 11281)" authorizationType="Basic" requestContentType="appli-
    cation/json" statusCode=200 etime=10.615 responseContentLength=0