Shib SP and logging, or lack thereof

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Shib SP and logging, or lack thereof

Tony Ennis

I investigated why I wasn't getting any log files from my Shib SP; everything was logging to the console. The default logger files all had their various log4j.appender.*.fileName set to /dev/stdout.  They really looked like developer log files to be honest. 


I changed all the log4j.appender.*.filename configs to log to the /var/log/shibboleth directory. I changed the native.logger file to log to the /var/log/shibboleth-www directory.


I am getting a log file in the shibboleth-www directory, but no logging at all in the shibboleth directory.


What's the mechanism by which the various logger files are selected for use? That is, what part of shib says to use native_log or shibd_log?



Rivera Group    
Tony Ennis
Chief Architect
[hidden email] | Rivera Group
O: 812.246.4055

Confidentiality Notice: This message and any attachments are for the sole use of the intended recipient(s), and may contain information considered confidential or privileged by the sending organization or trade secrets of the sending organization. This message does not authorize the intended recipient to disclose this information to any other party. Use, disclosure, or retention of any information in this message by anyone other than the intended user is strictly prohibited, unless otherwise authorized in writing. If you are not the intended recipient, please destroy all copies of this message.

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shib SP and logging, or lack thereof

Tony Ennis

Nevermind - my devops guy informs me the person who created the docker container took liberties with the log files.




Rivera Group    
Tony Ennis
Chief Architect
[hidden email] | Rivera Group
O: 812.246.4055

From: users <[hidden email]> on behalf of Tony Ennis <[hidden email]>
Sent: Wednesday, July 11, 2018 1:46:35 PM
To: [hidden email]
Subject: Shib SP and logging, or lack thereof
 
External Email! Do not click any links or open any attachments unless you trust the sender and know the content is safe.

I investigated why I wasn't getting any log files from my Shib SP; everything was logging to the console. The default logger files all had their various log4j.appender.*.fileName set to /dev/stdout.  They really looked like developer log files to be honest. 


I changed all the log4j.appender.*.filename configs to log to the /var/log/shibboleth directory. I changed the native.logger file to log to the /var/log/shibboleth-www directory.


I am getting a log file in the shibboleth-www directory, but no logging at all in the shibboleth directory.


What's the mechanism by which the various logger files are selected for use? That is, what part of shib says to use native_log or shibd_log?



Rivera Group    
Tony Ennis
Chief Architect
[hidden email] | Rivera Group
O: 812.246.4055

Confidentiality Notice: This message and any attachments are for the sole use of the intended recipient(s), and may contain information considered confidential or privileged by the sending organization or trade secrets of the sending organization. This message does not authorize the intended recipient to disclose this information to any other party. Use, disclosure, or retention of any information in this message by anyone other than the intended user is strictly prohibited, unless otherwise authorized in writing. If you are not the intended recipient, please destroy all copies of this message.

Confidentiality Notice: This message and any attachments are for the sole use of the intended recipient(s), and may contain information considered confidential or privileged by the sending organization or trade secrets of the sending organization. This message does not authorize the intended recipient to disclose this information to any other party. Use, disclosure, or retention of any information in this message by anyone other than the intended user is strictly prohibited, unless otherwise authorized in writing. If you are not the intended recipient, please destroy all copies of this message.

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shib SP and logging, or lack thereof

Alan Buxey
In reply to this post by Tony Ennis
in a container environment, you want all logs to be centralised - so its usual to do things like eg log to console or system log rather than seperateĀ files, so that a centralised logger will work.

(alternatively, could use eg syslog-ng etc functions to grab service specificĀ logs to the main system log or just syslog everything to external eg ELK collector)


alan

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]