20.4 Configuring Logging Settings

Logging allows you to debug the identity applications configuration. The logging service provides facilities for writing, viewing, filtering, and listening for log messages.

By default, Identity Manager saves the logging configuration in idmuserapp_logging.xml file. For workflow events, there is a separate workflow_logging.xml file. Both these files are located at:

Linux: /opt/netiq/idm/apps/tomcat/conf/

Windows: C:\netiq\idm\apps\tomcat\conf

NOTE:The workflow events are generated only if CEF auditing is enabled in workflow_logging.xml file.

For more information, see Section 8.0, Setting Up Logging in the Identity Applications.

20.4.1 Configuring Auditing Service Settings

The Auditing Configuration under Configuration > Logging allows you to enable or disable audit service in CEF format. You should specify the following auditing server details after enabling CEF format.

For any audit related settings, NetIQ recommends you to refer to the NetIQ Identity Manager - Configuring Auditing in Identity Manager.

Fields

Description

Destination host

Specifies the destination hostname or IP address of the auditing server.

Destination Port

Specifies the destination port number of the auditing server.

Network Protocol

Specifies the protocol that should be used to establish communication with the auditing server.

To establish a secure communication with the auditing server, select TCP protocol and enable Use TLS option. Provide the Keystore file name and the Keystore password.

Intermediate event store directory

Specifies the temporary directory where the events can be stored. This directory serves as a backup for an auditing server. If Identity Applications is freshly installed, the directory path will be populated by default.

You can also provide path to intermediate event store directory of your choice. Make sure that the permission and ownership are changed to novlua for that directory. To change the permission of the directory, run the following commands on Linux platforms:

chown novlua:novlua <directory_path>

chmod 755 <directory_path>

where <directory_path> is the path to the intermediate event store directory.

On Windows platform, provide Administrative permission to that directory.

20.4.2 Configuring the Identity Manager Packages and their Log Levels

Each feature in identity applications uses one or more packages. Each package handles a specific area of a feature and has its own independent log level that obtains event messages from different parts of the application.

The package names are based on log4j conventions. The event messages include these package names indicating the context of the message output. The logs include tags and values that allow the administrator to identify and correlate which package log entries pertaining to a given transaction and user.

The logs contain information about processing and interactions among identity applications components that occur while fulfilling users and administrative requests and during general system processing. By enabling the correct log levels for various packages, an administrator can monitor how identity applications process users and administrative requests. For more information, see Configuring Logging Settings in Identity Manager Dashboard.