Enabling debug messages and console logging - PingFederate - 10.3

PingFederate Server

bundle
pingfederate-103
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.3
category
Product
pf-103
pingfederate
ContentType_ce

Make changes to the <pf_install>/pingfederate/server/default/conf/log4j2.xml file to enable debug messages and console logging.

For troubleshooting purposes, you can adjust the log level to DEBUG in the log4j2.xml file and re-enable console logging.
Important:

When you no longer require debug messages and console logging, turn them off. On Windows, never highlight the console output because it might slow or stop PingFederate from processing requests.

  1. Edit the <pf_install>/pingfederate/server/default/conf/log4j2.xml file.
    1. To enable verbose messages, look for Limit categories inside the Loggers element, particularly the five logger names shown in bold in the following snippet.
      ...
      <Loggers>
      
          <!-- ================ -->
          <!-- Limit categories -->
          <!-- ================ -->
      
          ...
          <Logger name="org.sourceid" level="INFO" />
          <Logger name="org.sourceid.saml20.util.SystemUtil" level="INFO" additivity="false">
              <AppenderRef ref="CONSOLE" />
              <AppenderRef ref="FILE" />
          </Logger>
          ...
          <Logger name="com.pingidentity" level="INFO" />
          <Logger name="com.pingidentity.common.util.ErrorHandler" level="INFO" additivity="false">
              <AppenderRef ref="CONSOLE" />
              <AppenderRef ref="FILE" />
          </Logger>
          ...
          <Logger name="com.pingidentity.appserver.jetty.PingFederateInit" level="INFO" additivity="false" includeLocation="false">
              <AppenderRef ref="FILE" />
          </Logger>
          ...
      </Loggers>
      ...

      Then update the five loggers as shown in bold in the following snippet.

      ...
      <Loggers>
      
          <!-- ================ -->
          <!-- Limit categories -->
          <!-- ================ -->
      
          ...
          <Logger name="org.sourceid" level="DEBUG" />
          <Logger name="org.sourceid.saml20.util.SystemUtil" level="DEBUG" additivity="false">
              <AppenderRef ref="CONSOLE" />
              <AppenderRef ref="FILE" />
          </Logger>
          ...
          <Logger name="com.pingidentity" level="DEBUG" />
          <Logger name="com.pingidentity.common.util.ErrorHandler" level="DEBUG" additivity="false">
              <AppenderRef ref="CONSOLE" />
              <AppenderRef ref="FILE" />
          </Logger>
          ...
          <Logger name="com.pingidentity.appserver.jetty.PingFederateInit" level="INFO" additivity="false" includeLocation="false">
              <AppenderRef ref="FILE" />
              <AppenderRef ref="CONSOLE" />
          </Logger>
          ...
      </Loggers>
      ...
      Note:

      In this snippet, console logging is enabled for loggers org.sourceid.saml20.util.SystemUtil, com.pingidentity.common.util.ErrorHandler, and com.pingidentity.appserver.jetty.PingFederateInit.

      Console logging can be resource intensive. If you do not require console logging or prefer to review the server log instead, comment out the <AppenderRef ref="CONSOLE" /> entry for these three loggers.

      Tip:

      As needed, you can update the log level for other loggers.

    2. To enable console logging, look for the Set up the Root logger section as shown in the following example.
      ...
      <!-- ======================= -->
      <!-- Set up the Root logger  -->
      <!-- ======================= -->
      ...
      <AsyncRoot level="INFO" includeLocation="false">
          <!-- <AppenderRef ref="CONSOLE" /> -->
          <AppenderRef ref="FILE" />
      </AsyncRoot>

      Then, update as shown in bold in the following snippet.

      ...
      <!-- ======================= -->
      <!-- Set up the Root logger  -->
      <!-- ======================= -->
      ...
      <AsyncRoot level="INFO" includeLocation="false">
          <AppenderRef ref="CONSOLE" />
          <AppenderRef ref="FILE" />
      </AsyncRoot>
      Important:

      When you no longer require console logging, comment out the <AppenderRef ref="CONSOLE" /> entry for the AsyncRoot logger.

  2. Save any changes made.
  3. In a clustered PingFederate environment, repeat these steps on each applicable node.

Changes, such as adding a Logger or adjusting log levels, are activated within half a minute. You do not need to restart PingFederate.