We recommend using the server.log file for error-level messages. Even when levels are down to a minimum, the server log generates large amounts of information in an active production environment. As an alternative, you can set up a specific log to log only ERROR and higher.

To change your log4j2.xml file to enable a separate log file:

  1. Create an appender.
    The easiest way to create an appender is to copy an existing one as a base. In the following example, the RollingFile is the same one that the server.log file uses. Bold text identifies items that have been changed.
    <!-- Error Only Main Log : A size based file rolling appender -->
    <RollingFile name="FILEERR" fileName="${sys:pf.log.dir}/server.error.log"
             	filePattern="${sys:pf.log.dir}/server.error.log.%i" ignoreExceptions="false">
    	<PatternLayout>
        	<!-- Uncomment this if you want to use UTF-8 encoding instead
            	of system's default encoding.
        	<charset>UTF-8</charset> -->
        	<pattern>%d %X{trackingid} %-5p [%c] %m%n</pattern>
    	</PatternLayout>
    	<Policies>
        	<SizeBasedTriggeringPolicy
                	size="10000 KB" />
    	</Policies>
    	<DefaultRolloverStrategy max="5" />
    </RollingFile>
  2. At the end of your log4j2.xml file, set the appender that you created in the previous step for AsyncRoot.
    <AsyncRoot level="INFO" includeLocation="false">
    	<!-- <AppenderRef ref="CONSOLE" /> -->
    	<AppenderRef ref="FILE" />
    	<AppenderRef ref="FILEERR" level="ERROR" />
    </AsyncRoot>
    In this example, the level attribute indicates the level of messages that are sent to the log file.
  3. Remove the attribute additivity="false" from all other loggers that contain a reference to the File appender.
    Logger name="org.sourceid.saml20.util.SystemUtil" level="INFO" additivity="false">
    	<!--<AppenderRef ref="CONSOLE" /> -->
    	<AppenderRef ref="FILE" />
    Becomes:
    <Logger name="org.sourceid.saml20.util.SystemUtil" level="INFO" >
    	<!--<AppenderRef ref="CONSOLE" /> -->
    	<AppenderRef ref="FILE" />
  4. Make this change on all nodes within the cluster.
    Note: To expedite this step, we recommend creating a base file with the appropriate changes and copying it to all the nodes.
  5. Restart PingFederate.