Server Logs
A server log is a log file that the server automatically creates and maintains. It consists of a list of the activities that the server performs. The log4net.config file is available with the installation package and must be placed in the same directory as the appsettings.yml file, i.e. /var/thales/config/.
For example, a web server log maintains a history of page requests. The W3C maintains a standard format for web server log files, and information related to a request is typically added. However, user-specific information is not collected.
The configuration parameters are standard, and their details can be fetched from logging.apache.org/log4net/release/manual/configuration.html
The default logging level is set to ERROR and can be set to INFO, WARN, or ERROR, depending upon the requirement.
It is recommended that a log retention policy is established and logs are periodically copied to a physical location.
Enable DEBUG Logging
The IDPV Server log configuration file is copied during configuration to the following directory as log4net.config:
/var/thales/config/
The default logging level is set to ERROR. The logging level can be set to any of the following values:
- DEBUG
- ERROR
- INFO
For example, follow these steps to set the level to DEBUG (to troubleshoot or view more information):
- In the Configuration folder (/var/thales/config/) provided with the delivery package, open the log4net.config file.
- Replace INFO with DEBUG for all available occurrences.
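The same change made as a structured edit rather than a blind text replace, so that only `<level>` elements under `<root>` and `<logger>` are touched and the changed loggers are reported. This is an added example, not code from the product; the sample configuration, its logger and appender names, and the function names are constructed for illustration, and the real log4net.config may differ.

```python
import xml.etree.ElementTree as ET

# Constructed sample; the log4net.config shipped with the product may differ.
SAMPLE_CONFIG = """<log4net>
  <appender name="File" type="log4net.Appender.RollingFileAppender">
    <file value="logs/server.log" />
  </appender>
  <root>
    <level value="INFO" />
    <appender-ref ref="File" />
  </root>
  <logger name="Example.Component">
    <level value="INFO" />
  </logger>
</log4net>"""


def set_level(xml_text, old="INFO", new="DEBUG"):
    """Change <level value=old> to new under <root>/<logger> elements only.

    Returns (updated_xml, names_of_changed_loggers).
    """
    tree = ET.fromstring(xml_text)
    changed = []
    for node in tree.iter():
        if node.tag not in ("root", "logger"):
            continue
        level = node.find("level")
        if level is not None and level.get("value", "").upper() == old:
            level.set("value", new)
            changed.append(node.get("name", "root"))
    return ET.tostring(tree, encoding="unicode"), changed


def current_levels(xml_text):
    """Map each logger name (or 'root') to its configured level."""
    tree = ET.fromstring(xml_text)
    return {n.get("name", "root"): n.find("level").get("value")
            for n in tree.iter()
            if n.tag in ("root", "logger") and n.find("level") is not None}


if __name__ == "__main__":
    updated, changed = set_level(SAMPLE_CONFIG)
    print("changed:", changed)
    print("levels now:", current_levels(updated))
```

ElementTree drops XML comments when it re-serializes, so keep a copy of the original file. `current_levels` can be run again after troubleshooting to confirm which loggers are still at DEBUG.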
SafeNet IDPrime Virtual Server Logs
The logs are available in the directory /publish/logs/ inside the container, which can be copied to the host using the following command:
sudo docker cp idprimevirtualserver:/publish/logs <destination path on host>
The log file contains the following information:
Fields | Description | Sub Fields |
---|---|---|
Schemaversion | The version of the log event format | |
Category | The overall category to which the log event belongs: NETWORK, DATABASE, HEALTH, APPLICATION | |
Level | The current level of the log event in the hierarchy of log messages: FATAL, ERROR, WARN, INFO, DEBUG, TRACE | |
SecurityAlertLevel | The security alert level: NONE, LOW, MEDIUM, HIGH | |
Timestamp | Time of the event | |
Application | The source, application, or service that raises this log event. | Application.instanceId (in Docker and Kubernetes environments, the hostname is the same as the instanceId), Application.name, Application.version |
Context | The context for which that log event has been produced. | Context.correlationId, Context.tenantId, Context.principalId, Context.deviceId, Context.clientId |
Details | Details.type, Custom field | |
Thread | The application thread | |
ActionParams: Information related to the current action:
Fields | Description |
---|---|
SessionId | The identifier of the client session |
roleName | Role of the user |
keyTemplateInfo | The mechanism & attributes attached to a key |
CSRTemplateInfo | The CSR information: key generation mechanism type, key attributes, certificate request sign mechanism, certificate subject distinguished name, certificate key usage, certificate extended key usage, subject alternative name |
Application
Fields | Description |
---|---|
InstanceId | The unique identifier of the source |
Name | The unique name of the source |
Version | The version of the source |
Context
Fields | Description |
---|---|
CorrelationId | An identifier inherited and replicated in all logs of all applications. This identifier represents an instance of a use case to propagate across all other applications. |
TenantId | The unique identifier of the tenant. |
UserId | The unique identifier of the user. |
TokenId | The unique identifier of the token. |
PrincipalId | The unique identifier of the principal (if any). A principal is an entity that has been identified or authenticated. |
DeviceId | The identifier that can uniquely identify the device (if any). |
ClientId | The unique identifier of the client associated with the log event (if any). |
Details
Fields | Description |
---|---|
Type | The type of event related to the category. NETWORK category: HTTP-IN-REQUEST, HTTP-IN-RESPONSE, HTTP-OUT-REQUEST, HTTP-OUT-RESPONSE. DATABASE category: DB-QUERY, DB-RSP. APPLICATION category: INTERNAL, METRIC. HEALTH category: LIFECYCLE, ENV. |
Request | The REST API request targeted |
Action | The action related to the targeted REST API request |
Method | The HTTP verb: POST, GET, DELETE, PUT |
Scheme | The request scheme: HTTP, HTTPS |
Host | The host address |
Path | The request path |
ClientIp | The client IP address |
Message: The detailed message attached to the log event (if any)
Fields | Description |
---|---|
StatusCode | The HTTP status code |
Message | The dump string message giving all details |
Developer Message | The inner string message (if any) |
ErrorCode | The internal error code |
Examples of SafeNet IDPrime Virtual Server Log Formats
Example 1: A log at each incoming request
{
  "Version": "2.2",
  "Category": "NETWORK",
  "LEVEL": "INFO",
  "SecurityAlertLevel": "",
  "Timestamp": "2015-04-23T18:25:43:511Z",
  "Application": {
    "InstanceId": "hostname",
    "name": "IDPrimeVirtualServer",
    "version": "2.2.1.208"
  },
  "Context": {
    "correlationId": "?",
    "tenantId": "?",
    "principalId": "?",
    "deviceId": "?",
    "clientId": "?"
  },
  "Details": {
    "type": "HTTP-IN-REQUEST",
    "request": "Tokens",
    "method": "POST",
    "scheme": "https",
    "host": "192.168.0.10"
  }
}
Example 2: SafeNet IDPrime Virtual Server Log Event File for Error Conditions
{
  "Version": "2.2",
  "Category": "APPLICATION",
  "Level": "ERROR",
  "SecurityAlertLevel": "",
  "Timestamp": "2018-09-18:03:32:57",
  "Application": {
    "InstanceId": "WIN-DJIPN5V2L0V",
    "Name": "Thales.IDPrimeVirtual.AppLayer",
    "Version": "2.2.1.208"
  },
  "Context": {
    "CorrelationId": "0HLGTA83VPFGK:00000002",
    "TenantId": "644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b",
    "UserId": "644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2c",
    "TokenId": null,
    "PrincipalId": null,
    "DeviceId": null,
    "ClientId": null
  },
  "Details": {
    "Type": "INTERNAL",
    "Request": "Tokens",
    "Action": "Post",
    "Method": "POST",
    "Scheme": "http",
    "Host": "localhost"
  },
  "Message": "Access denied for user 'root'@'localhost' (using password: YES)"
},
Example 3: SafeNet IDPrime Virtual Server Log Event File for Informational Messages
{
  "Version": "2.2",
  "Category": "APPLICATION",
  "Level": "INFO",
  "SecurityAlertLevel": "",
  "Timestamp": "2018-09-18:03:32:57",
  "Application": {
    "InstanceId": "WIN-DJIPN5V2L0V",
    "Name": " Thales.IDPrimeVirtual.TokenAPI",
    "Version": "2.2.1.208"
  },
  "Context": null,
  "Details": {
    "Type": "INTERNAL",
    "Request": "Tokens",
    "Action": "Post",
    "Method": "POST",
    "Scheme": "http",
    "Host": "localhost"
  },
  "Message": "Executing action method Thales.IDPrimeVirtual.TokenAPI.Controllers.TokensController.Post (Thales.IDPrimeVirtual.TokenAPI) with arguments (644e1dd7-2a7f-18fb-b8eded78c3f92c2b, 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2c) - ModelState is Valid"
},
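A parser and triage pass for log events in the format documented above. It is an added example, not part of the product or its documentation. It assumes the log file holds JSON objects separated by commas, as the examples are printed, and it normalizes the key casing that differs between Example 1 and Example 2. The sample events, the correlation ids and the function names are constructed.

```python
import json
from collections import defaultdict

# Constructed sample modelled on the page's examples: objects separated by a
# trailing comma, key casing varying between events (both are assumptions
# about the on-disk layout).
SAMPLE = '''
{"Category": "NETWORK", "LEVEL": "INFO", "SecurityAlertLevel": "",
 "Context": {"correlationId": "c-1", "tenantId": "t-1"},
 "Details": {"type": "HTTP-IN-REQUEST", "request": "Tokens", "method": "POST"}},
{"Category": "APPLICATION", "Level": "ERROR", "SecurityAlertLevel": "",
 "Context": {"CorrelationId": "c-1", "TenantId": "t-1"},
 "Details": {"Type": "INTERNAL", "Request": "Tokens", "Method": "POST"},
 "Message": "Access denied for user 'root'@'localhost' (using password: YES)"},
{"Category": "APPLICATION", "Level": "INFO", "SecurityAlertLevel": "",
 "Context": null, "Details": {"Type": "INTERNAL"}, "Message": "ModelState is Valid"},
'''

def lower_keys(obj):
    """Lower-case keys recursively so 'LEVEL' and 'Level' compare equal."""
    if isinstance(obj, dict):
        return {k.lower(): lower_keys(v) for k, v in obj.items()}
    return obj

def parse_events(text):
    """Yield each JSON object from a comma/whitespace-separated stream."""
    decoder, pos = json.JSONDecoder(), 0
    while True:
        while pos < len(text) and text[pos] in ", \t\r\n":
            pos += 1
        if pos >= len(text):
            return
        obj, pos = decoder.raw_decode(text, pos)
        yield lower_keys(obj)

def triage(text, levels=("ERROR", "FATAL"), alerts=("MEDIUM", "HIGH")):
    """Return {correlation id: [events]} for ids with an alerting event."""
    by_corr, flagged = defaultdict(list), {}
    for ev in parse_events(text):
        corr = (ev.get("context") or {}).get("correlationid") or "(none)"
        by_corr[corr].append(ev)
        level = (ev.get("level") or "").upper()
        alert = (ev.get("securityalertlevel") or "").upper()
        if level in levels or alert in alerts:
            flagged[corr] = by_corr[corr]
    return flagged

if __name__ == "__main__":
    for corr, events in triage(SAMPLE).items():
        print(corr, [(e.get("level"), e.get("message")) for e in events])
```

Grouping by CorrelationId places the incoming request next to the error it led to, which is what the field is described as being for.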