wiki:SysLog

Version 1 (modified by dabantz@…, 10 years ago) (diff)

--

Sending (portions) of IdP logs to UA SysLog

1 Configure the IdP's logging in $IDPHOME/conf/logging.xml

(reference: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPProdLogging)

1.1 Include a syslog appender:

  <appender name="IDP_SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender">
    <SyslogHost>elk-syslog.alaska.edu</SyslogHost>
    <Port>514</Port>
    <Facility>AUTH</Facility>
    <SuffixPattern>[%logger:%line] %msg</SuffixPattern>
  </appender>

1.2 Add a reference to this appender in one or more loggers defined in logging.xml

    <logger name="Shibboleth-Access">
        <level value="INFO" />
        <appender-ref ref="IDP_ACCESS" />
        <appender-ref ref="IDP_SYSLOG" />
    </logger>

    <logger name="Shibboleth-Audit">
        <level value="INFO" />
        <appender-ref ref="IDP_AUDIT" />
        <appender-ref ref="IDP_SYSLOG" />
    </logger>

2 To view these in the UA SysLog facility:

2.1 Log into https://elk.alaska.edu/ (important to do this first)

2.2 Open this url: https://elk.alaska.edu/kibana3/#/dashboard/temp/AUy6isg-k0ZtaltOKC0f