Commit 661800aa authored by Sandro Mathys's avatar Sandro Mathys
Browse files

try improved shibboleth logging configuration

parent 3f8146b5
......@@ -302,20 +302,43 @@ data:
</SPConfig>
shibd.logger: |
# set overall behavior
log4j.rootCategory={{ .Values.backend.shibboleth.log4j.rootCategory | default "INFO, console" }}
### set overall behavior
log4j.rootCategory={{ .Values.backend.shibboleth.log4j.rootCategory | default "INFO, default_log" }}
# change detail behavior
{{- if .Values.backend.shibboleth.log4j.settings }}
{{- .Values.backend.shibboleth.log4j.settings | nindent 4 }}
{{- end }}
### change detail behavior
{{- if .Values.backend.shibboleth.log4j.settings }}
{{- .Values.backend.shibboleth.log4j.settings | nindent 4 }}
{{- else }}
# fairly verbose for DEBUG, so generally leave at INFO
log4j.category.XMLTooling.XMLObject=INFO
log4j.category.XMLTooling.XMLObjectBuilder=INFO
log4j.category.XMLTooling.KeyInfoResolver=INFO
log4j.category.Shibboleth.IPRange=INFO
log4j.category.Shibboleth.PropertySet=INFO
# raise for low-level tracing of SOAP client HTTP/SSL behavior
log4j.category.XMLTooling.libcurl=INFO
# the tran log blocks the "default" appender(s) at runtime
# Level should be left at INFO for this category
log4j.category.Shibboleth-TRANSACTION=INFO, transaction_log
log4j.additivity.Shibboleth-TRANSACTION=false
log4j.ownAppenders.Shibboleth-TRANSACTION=true
{{- end }}
### define appenders
{{- if .Values.backend.shibboleth.log4j.appenders }}
{{- .Values.backend.shibboleth.log4j.appenders | nindent 4 }}
{{- else }}
# default_log appender
log4j.appender.default_log=org.apache.log4j.ConsoleAppender
log4j.appender.default_log.layout=org.apache.log4j.PatternLayout
log4j.appender.default_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
# transaction_log appender
log4j.appender.transaction_log=org.apache.log4j.ConsoleAppender
log4j.appender.transaction_log.layout=org.apache.log4j.PatternLayout
log4j.appender.transaction_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
{{- end }}
# define appenders
{{- if .Values.backend.shibboleth.log4j.appenders }}
{{- .Values.backend.shibboleth.log4j.appenders | nindent 4 }}
{{- else }}
log4j.appender.console=org.apache.log4j.ConsoleAppender
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
{{- end }}
{{- end -}}
......@@ -227,80 +227,9 @@ backend:
# logging
log4j:
rootCategory: "" # default: "INFO, console"
settings: ""
# EXAMPLE:
# settings: |
# # fairly verbose for DEBUG, so generally leave at INFO
# log4j.category.XMLTooling.XMLObject=INFO
# log4j.category.XMLTooling.XMLObjectBuilder=INFO
# log4j.category.XMLTooling.KeyInfoResolver=INFO
# log4j.category.Shibboleth.IPRange=INFO
# log4j.category.Shibboleth.PropertySet=INFO
# # raise for low-level tracing of SOAP client HTTP/SSL behavior
# log4j.category.XMLTooling.libcurl=INFO
# # useful categories to tune independently:
# #
# # tracing of SAML messages and security policies
# #log4j.category.OpenSAML.MessageDecoder=DEBUG
# #log4j.category.OpenSAML.MessageEncoder=DEBUG
# #log4j.category.OpenSAML.SecurityPolicyRule=DEBUG
# #log4j.category.XMLTooling.SOAPClient=DEBUG
# # interprocess message remoting
# # log4j.category.Shibboleth.Listener=DEBUG
# # mapping of requests to applicationId
# #log4j.category.Shibboleth.RequestMapper=DEBUG
# # high level session cache operations
# #log4j.category.Shibboleth.SessionCache=DEBUG
# # persistent storage and caching
# #log4j.category.XMLTooling.StorageService=DEBUG
# # logs XML being signed or verified if set to DEBUG
# log4j.category.XMLTooling.Signature.Debugger=INFO, sig_log
# log4j.additivity.XMLTooling.Signature.Debugger=false
# log4j.ownAppenders.XMLTooling.Signature.Debugger=true
# # the tran log blocks the "default" appender(s) at runtime
# # Level should be left at INFO for this category
# log4j.category.Shibboleth-TRANSACTION=INFO, tran_log
# log4j.additivity.Shibboleth-TRANSACTION=false
# log4j.ownAppenders.Shibboleth-TRANSACTION=true
# # uncomment to suppress particular event types
# #log4j.category.Shibboleth-TRANSACTION.AuthnRequest=WARN
# #log4j.category.Shibboleth-TRANSACTION.Login=WARN
# #log4j.category.Shibboleth-TRANSACTION.Logout=WARN
appenders: "" # default: configures a ConsoleAppender `console`
# EXAMPLE:
# appenders: |
# log4j.appender.console=org.apache.log4j.ConsoleAppender
# log4j.appender.console.layout=org.apache.log4j.PatternLayout
# log4j.appender.console.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
# log4j.appender.shibd_log=org.apache.log4j.RollingFileAppender
# log4j.appender.shibd_log.fileName=/dev/shm/shibd.log
# log4j.appender.shibd_log.maxFileSize=512KB
# log4j.appender.shibd_log.maxBackupIndex=0
# log4j.appender.shibd_log.layout=org.apache.log4j.PatternLayout
# log4j.appender.shibd_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
# log4j.appender.tran_log=org.apache.log4j.RollingFileAppender
# log4j.appender.tran_log.fileName=/dev/shm/transaction.log
# log4j.appender.tran_log.maxFileSize=256KB
# log4j.appender.tran_log.maxBackupIndex=0
# log4j.appender.tran_log.layout=org.apache.log4j.PatternLayout
# log4j.appender.tran_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S}|%c|%m%n
# log4j.appender.sig_log=org.apache.log4j.RollingFileAppender
# log4j.appender.sig_log.fileName=/dev/shm/signature.log
# log4j.appender.sig_log.maxFileSize=256KB
# log4j.appender.sig_log.maxBackupIndex=0
# log4j.appender.sig_log.layout=org.apache.log4j.PatternLayout
# log4j.appender.sig_log.layout.ConversionPattern=%m
rootCategory: "" # default: "INFO, default_log"
settings: "" # default: some sane settings for a few specific categories
appenders: "" # default: two console appenders, default_log and transaction_log
##############################################
### frontend / apache2 (httpd + mod_shibd) ###
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment