Server Logs
A Server log is a log file that the server automatically creates and maintains. It is comprised of a list of server activities that successfully perform.log4net.config file is available with the installation package and must be placed in the same directory as the appsettings.yml file, i.e. /var/thales/config/.
For example, Web server log maintains a history of page requests. The W3C maintains a standard format for the web server log files, and information related to a request is typically added. However, user specific information is not collected.
The configuration parameters are standard, and their details can be fetched from logging.apache.org/log4net/release/manual/configuration.html
The default logging level is set to ERROR and can be set to INFO, WARN, or ERROR, depending upon the requirement.
Enable DEBUG Logging
IDPV Server log configuration file is copied during configuration in the following directory:
/var/thales/config/ as log4net.config.
The default logging level is set to ERROR. The logging level can be set to any following value:
- DEBUG
- ERROR
- INFO
For example, follow the steps to set the level to DEBUG (to troubleshoot or view more information):
- In the Configuration folder (
/var/thales/config/) provided with the delivery package, open thelog4net.configfile. - Replace INFO with DEBUG for all available occurrences.
SafeNet IDPrime Virtual Server Logs
The logs are available in the directory /publish/logs/ inside the container, which can be copied to the host using the following command:
sudo docker cp idprimevirtualserver:/publish/logs <destination path on host>
The log file contains the following information:
| Fields | Description | Sub Fields |
|---|---|---|
| Schemaversion | The version of the log event format | |
| Category | The overall category to which the log event belongs.Category("NETWORK","DATABASE","HEALTH","APPLICATION") |
|
| Level | The current level of the log event in the hierarchy of log messages: - FATAL - ERROR - WARN - INFO - DEBUG - TRACE |
|
| SecurityAlertLevel | The security alert level: - NONE - LOW - MEDIUM - HIGH |
|
| Timestamp | Time of the event | |
| Application | The source, application, or service that raises this log event. | - Application.instanceId- In Docker and Kubernetes environment, hostname is same as instanceId - Application.name - Application.version |
| Context | The context for which that log event has been produced. | - Context.correlationId - Context.tenantId - Context.principalId - Context.deviceId - Context.clientId |
| Details | - Details.type - Custom field |
|
| Thread | The application thread |
ActionParams: Information related to the current action:
| Fields | Description |
|---|---|
| SessionId | The identifier of the client session |
| roleName | Role of the user |
| keyTemplateInfo | The mechanism & attributes attached to a key |
| CSRTemplateInfo | The CSR information as: - key generation mechanism type - key attributes - certificate request sign mechanism - certificate subject distinguished name - certificate key usage - certificate extended key usage - subject alternative name |
Application
| Fields | Description |
|---|---|
| InstanceId | The unique identifier of the source |
| Name | The unique name of the source |
| Version | The version of the source |
Context
| Fields | Description |
|---|---|
| CorrelationId | An identifier inherited and replicated in all logs of all applications. This identifier represents an instance of a use case to propagate across all other applications. |
| TenantId | The unique identifier of the tenant. |
| UserId | The unique identifier of the user. |
| TokenId | The unique identifier of the token. |
| PrincipalID | The unique identifier of the principal if any. A principal is an entity that has been identified or authenticated. |
| DeviceId | The identifier that can uniquely identify the device (if any). |
| Clientid | The unique identifier of the client associated to the log event (if any). |
Details
| Fields | Description |
|---|---|
| Type | The type of event related to the category: NETWORK category: - HTTP-IN-REQUEST - HTTP-IN-RESPONSE - HTTP-OUT-REQUEST - HTTP-OUT-RESPONSE DATABASE category: - DB-QUERY - DB-RSP APPLICATION category: - INTERNAL - METRIC HEALTH category: - LIFECYCLE - ENV |
| Request | The REST API request targeted |
| Action | The action related to the targeted REST API request |
| Method | The HTTP verb: - POST - GET - DELETE - PUT |
| Scheme | The request scheme: - HTTP - HTTPS |
| Host | The host address |
| Path | The request path |
| ClientIp | The client IP address |
Message: The detailed message attached to the log event (if any)
| Fields | Description |
|---|---|
| StatusCode | The HTTP status code |
| Message | The dump string message giving all details |
| Developer Message | The inner string message (if any) |
| ErrorCode | The internal error code |
Examples of SafeNet IDPrime Virtual Server Log Formats
Example 1: A log at each incoming request
{
"Version": "2.2",
"Category": "NETWORK",
"LEVEL": "INFO",
"SecurityAlertLevel": "",
"Timestamp": "2015-04-23T18:25:43:511Z",
"Application": {
"InstanceId": "hostname",
"name": "IDPrimeVirtualServer",
"version": "2.2.1.208",
},
"Context": {
"correlationId": "?",
"tenantId": "?",
"principalId": "?",
"deviceId": "?",
"clientId": "?",
},
"Details": {
"type": "HTTP-IN-REQUEST",
"request": "Tokens",
"method": "POST",
"scheme": "https",
"host": "192.168.0.10",
},
}
Example 2: SafeNet IDPrime Virtual Server Log Event File for Error Conditions
{
"Version": "2.2",
"Category": "APPLICATION",
"Level": "ERROR",
"SecurityAlertLevel": "",
"Timestamp": "2018-09-18:03:32:57",
"Application": {
"InstanceId": "WIN-DJIPN5V2L0V",
"Name": "Thales.IDPrimeVirtual.AppLayer",
"Version": "2.2.1.208"
},
"Context": {
"CorrelationId": "0HLGTA83VPFGK:00000002",
"TenantId": "644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b",
"UserId": "644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2c",
"TokenId": null,
"PrincipalId": null,
"DeviceId": null,
"ClientId": null
},
"Details": {
"Type": "INTERNAL",
"Request": "Tokens",
"Action": "Post",
"Method": "POST",
"Scheme": "http",
"Host": "localhost"
},
"Message": "Access denied for user 'root'@'localhost' (using password: YES)"
},
Example 3: SafeNet IDPrime Virtual Server Log Event File for Informational Messages
{
"Version": "2.2",
"Category": "APPLICATION",
"Level": "INFO",
"SecurityAlertLevel": "",
"Timestamp": "2018-09-18:03:32:57",
"Application": {
"InstanceId": "WIN-DJIPN5V2L0V",
"Name": " Thales.IDPrimeVirtual.TokenAPI",
"Version": "2.2.1.208"
},
"Context": null,
"Details": {
"Type": "INTERNAL",
"Request": "Tokens",
"Action": "Post",
"Method": "POST",
"Scheme": "http",
"Host": "localhost"
},
"Message": "Executing action method
Thales.IDPrimeVirtual.TokenAPI.Controllers.TokensController.Post
(Thales.IDPrimeVirtual.TokenAPI) with arguments (644e1dd7-2a7f-18fb-b8eded78c3f92c2b,
644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2c) - ModelState is Valid"
},
