System Logs
The CipherTrust Manager maintains a variety of logs to record administrative actions, network activity, and more.
These logs can be useful for debugging, error handling, troubleshooting, and for chronologically tracing failures and system events.
Knox Logging
Changing Knox Log Level
Knox uses Log4j to keep track of its log messages. The default log level, which is INFO, may quickly cause the log file to use up the available space and DDC scans to fail.
Because of that you must change the log level to ERROR by editing the log configuration file. You can do this through Ambari, by following these steps:
In the Ambari toolbar on the left, click to expand Services, then click Knox.
Select the CONFIGS tab and scroll down to "Advanced gateway-log4j".
Open the "Advanced gateway-log4j" section and modify these parameters:
Change the log4j.logger.audit parameter to:
1log4j.logger.audit=ERROR, auditfile
Add these two additional parameters at the end:
1 2
log4j.appender.auditfile.MaxFileSize=10MB log4j.appender.auditfile.MaxBackupIndex=10
Click SAVE and then restart Knox.
Purging the Knox Log Directory
If after applying these changes your Knox log grows too quickly, you may have to purge the log directory. First, however, you need to check if this is the case.
Check if Ambari is displaying a "NameNode Directory Status" error. This error indicates a failed directory (that is, one or more directories are reporting as not healthy.)
Check Ambari for a "Failed directory count" message to find out which directories are reporting problems. If the error message is showing "Failed directory count: 1" it may be the logs directory.
In the terminal, check the free disk space for
/var/log/by issuing the command:1df -h
If the output of the command is showing no free disk space for the /var/log/ directory, remove all the log files.