If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

The contents on this page are currently under review!

Logging is one of the most important aspects of a production-grade server. A properly configured logging system is vital for identifying errors, security threats and usage patterns.

See the following topics for details:


Log types in WSO2 products

Listed below are the various log types that can be used with WSO2 products.

All the logs created for a WSO2 product are stored in the <PRODUCT_HOME>/repository/logs folder with a date stamp.

  • Carbon logs: All WSO2 products are shipped with log4j logging capabilities that generate administrative activities and server side logs (Carbon logs). These Carbon log files are stored in the <PRODUCT_HOME>/repository/logs folder with a date stamp. Older logs are archived in the wso2carbon.log file. Carbon logs are configured for a product in the  log4j.properties  file (stored in the  <PRODUCT_HOME>/repository/conf  directory).  

    Java logging and Log4j integration:

    In addition to the logs from libraries that use Log4j, all logs from libraries (such as, Tomcat, Hazelcast and more) that use Java logging framework are also visible in the same log files. That is, when Java logging is enabled in Carbon, only the Log4j appenders will write to the log files. If the Java Logging Handlers have logs, these logs will be delegated to the log events of the corresponding Log4j appenders. A Pub/Sub registry pattern implementation has been used in the latter mentioned scenario to plug the handlers and appenders. The following default log4j appenders in the log4j.properties file are used for this implementation:

    • org.wso2.carbon.logging.appenders.CarbonConsoleAppender
    • org.wso2.carbon.logging.appenders.CarbonDailyRollingFileAppender 
  • Audit logs:  Audit logs are used for tracking the sequence of actions that affect a particular task carried out in the server. 
  • HTTP access logs: HTTP requests/responses are logged in access log(s) to monitor your application's usage, such as the persons who access it, how many hits it receives, the errors etc. These logs are configured in the catalina-server.xml file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/ directory).
  • Patch logs: This log contains details related to patches applied to the product. This log cannot be customized. See WSO2 Patch Application Process for more information.
  • Product-specific logs: Each WSO2 product may generate log files in addition to the logs explained above. See the product's documentation for descriptions of these log files and instructions on how to configure and use them.

Configuring products for log monitoring

See the following information on configuring Carbon logs, Audit logs and HTTP access logs for your WSO2 product.

Configuring Carbon logs: You can easily configure Carbon logs in log4j files using the management console of your product, or you can manually edit the log4j.properties file. Using the management console to configure logging is recommended because all changes made to log4j through the management console persists in the WSO2 Registry. Therefore, those changes will be available after the server restarts and will get priority over what is defined in the log4j.properties file. Also, note that the logging configuration you define using the management console will apply at run time.  However, if you modify the log4j.properties file and restart the server, the earlier log4j configuration that persisted in the registry will be overwritten. T here is also an option in the management console to restore the original log4j configuration from the  log4j.properties  file.   

Identifying forged messages:  

From Carbon 4.4.3 onwards, it is possible to use a UUID in log messages so that any forged messages can be easily identified.  The UUID is logged using a new conversion character ‘K’ in the log pattern layout.  By default, the UUID will be generated every time the server starts. However, you can configure your server to generate the UUID more or less frequently, by specifying an exact time interval in the log4j.properties file.

See the following topics for instructions:

Configuring Audit logs: Audit logs are enabled in WSO2 products by default. You can change the following default configuration by manually updating the the log4j.properties file. 

log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE
 
# Appender config to AUDIT_LOGFILE
log4j.appender.AUDIT_LOGFILE=org.wso2.carbon.utils.logging.appenders.CarbonDailyRollingFileAppender
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
log4j.appender.AUDIT_LOGFILE.Append=true
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c}- %x %m %n
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.AUDIT_LOGFILE.threshold=INFO
log4j.additivity.AUDIT_LOG=false

Configuring HTTP access logs: See HTTP Access Logging for instructions on how to configure and use HTTP access logs.

Managing log growth

See the following content on managing the growth of Carbon logs and Audit logs:

Managing the growth of Carbon logs

Log growth (in Carbon logs) can be managed by the following configurations in the <PRODUCT_HOME>/repository/conf/ log4j.properties file.

  • Configurable log rotation: By default, log rotation is on a daily basis.
  • Log rotation based on time as opposed to size: This helps to  inspect the events that  occurred  during a specific time.
  • Log files are archived to maximise the use of space.

The log4j-based logging mechanism uses appenders to append all the log messages into a file. That is, at the end of the log rotation period, a new file will be created with the appended logs and archived. The name of the archived log file will always contain the date on which the file is archived. 

Limiting the size of Carbon log files

You can limit the size of the  <PRODUCT_HOME>/repository/logs/wso2carbon.log file by following the steps given below. This is useful if you want to archive the logs and get backups periodically.

  1. Change the log4j.appender.CARBON_LOGFILE=org.wso2.carbon.utils.logging.appenders.CarbonDailyRollingFileAppenderappender in the <PRODUCT_HOME>/repository/conf/ log4j.properties file as follows:
    log4j.appender.CARBON_LOGFILE=org.apache.log4j.RollingFileAppender
  2. Add the following two properties under RollingFileAppender

    • log4j.appender.CARBON_LOGFILE.MaxFileSize=10MB 

    • log4j.appender.CARBON_LOGFILE.MaxBackupIndex=20

    If the size of the log file is exceeding the value defined in the MaxFileSize property, then the content is copied to a backup file and the logs are continued to be added to a new empty log file. The MaxBackupIndex property makes the Log4j keep a given maximum number of backup files for the logs.

Limiting the size of audit log files

In WSO2 servers, audit logs are enabled by default. We can limit the audit log files with the following configuration:

  1.  Change the log4j.appender.AUDIT_LOGFILE=org.wso2.carbon.logging.appenders.CarbonDailyRollingFileAppenderappender in the <PRODUCT_HOME>/repository/conf/log4j.properties file as follows: log4j.appender.AUDIT_LOGFILE=org.apache.log4j.RollingFileAppender
  2. Add the following two properties under RollingFileAppender:
    • log4j.appender.AUDIT_LOGFILE.MaxFileSize=10MB 
    • log4j.appender.AUDIT_LOGFILE.MaxBackupIndex=20

Monitoring logs

In each Carbon product, users can configure and adjust the logging levels for each type of activity/ transaction. There are several ways to view the system log and application logs of a running Carbon instance.   

  • Through the log files that are stored in the <PRODUCT_HOME>/repository/logs folder. This folder contains current logs in a log file with a date stamp. Older logs are archived in the wso2carbon.log file.
  • Through the command prompt/shell terminal that opens when you run the "wso2server.bat"/"wso2server.sh" files to start the Carbon server.  
  • Through the management console of your product.

  • No labels