Environment
Reflection for the Web (All Editions) version 12.2 or higher
Reflection for the Web 2014 (All Editions)
Reflection Security Gateway 2014
Situation
This technical note describes the logging features in all versions and editions listed in the Applies To section, as well as how to use the Log Viewer application.
Logging Features
The Log Viewer application works with the XML log files written by all Reflection for the Web and Host Access Management and Security Servers including the Security Proxy Server.
Using the Log Viewer, you can:
- Filter log messages by severity.
- Search for message text to quickly find the records you need.
- Filter logs at view time, which enables you to find an interesting record, and then expand your view to see the context from all log sources without having to correlate multiple logs manually.
Notes about viewing information:
- Log message details are displayed in a separate split window below the log message summary window and update automatically as messages are scrolled through.
- Open log files are listed in the vertical pane on the left side of the Log Viewer with the fully-qualified path and filename of the currently open log file displayed in the status line at the bottom of the Log Viewer window.
- Records in the XML logs contain rich information, including millisecond-accurate event times and sequence numbers that guarantee that messages are seen as atomic units in the order they were logged.
- Records in the XML logs are language-independent and can be viewed in any supported language, regardless of where they were originally written. Two different users can view the exact same log file in two different languages, with no loss of information.
Resolution
How to Use the Log Viewer
Beginning in version 12.2 of Management and Security Server and Reflection for the Web, some files and paths were renamed. The paths included here are for version 12.2 and higher. If you are using a version prior to 12.2, see Paths in Earlier Versions.
To use the Log Viewer:
- Open the Log Viewer:
On Windows:
From the Start menu, under Host Access Management and Security Server click, LogViewer.
Or, double-click the executable file:
C:\Program Files\Micro Focus\MSS\utilities\bin\LogViewer.exeOn Solaris:
/opt/microfocus/mss/utilities/bin/LogViewerOn Linux:
/usr/local/microfocus/mss/utilities/bin/LogViewer
- In the Log Viewer, click File > Load (or press Ctrl+L).
Browse to the directory containing the log files you want to view. Select a log file and click Open.
View Full Size
Figure 2 - Select a log to openServer log files are located in the MSSData directory (or the ReflectionData directory in earlier versions). The default log file location varies depending on the server and whether you changed locations during installation:
To locate log files in the MSSData directory:
Windows 2008 Server and later:
C:\ProgramData\Micro Focus\MSS\MSSData\log
UNIX: /var/opt/microfocus/mss/mssdata/log
If you are using a version prior to 12.2, see Paths in Earlier Versions.
- Click the file in the left pane of the Log Viewer to view the details.
Paths in Earlier Versions
Here are the file locations for versions of Management and Security Server and Reflection for the Web prior to 12.2. These steps reflect the steps in How to Use the Log Viewer.
- Open the Log Viewer:
On Windows:
From the Start menu, under Host Access Management and Security Server click, LogViewer.
Or, double-click the executable file:
C:\Program Files\Attachmate\ReflectionServer\utilities\bin\LogViewer.exeOn Solaris:
/opt/attachmate/reflectionserver/utilities/bin/LogViewerOn Linux:
/usr/local/attachmate/reflectionserver/utilities/bin/LogViewer - To locate log files in the ReflectionData directory:
Windows 2008 Server and later: C:\ProgramData\Attachmate\ReflectionServer\ReflectionData\log
UNIX: /var/opt/attachmate/reflectionserver/reflectiondata/log
Additional Features
The following functionality is available from the top bar of the Log Viewer:
Note: You can use shortcut keys:Ctrl+L to Load log files and Ctrl+O to close log files.
Reload – Refreshes the log. You can view logs while they are open for writing.
Automatic – Refreshes the log automatically about every 6 seconds.
Resolve addresses – Displays DNS names instead of numeric IP addresses. Note: Address resolution can be very slow, since it can require multiple DNS requests per address. Results are cached until you close the Log Viewer, but it can still be very slow.
Slider for "Message Level Control" – Filters the messages by Severity level. Severe messages are highlighted in red. Warnings are highlighted in yellow.
Search for Text –Type a partial search string into the text box to search the message field for matching strings. Click the "X" to clear the text field and view all messages of the allowed level.
Changing Logging Options
You can change certain default logging options for the product you have installed by editing the log.properties file. You can modify the following options:
Change the default log file size.
Change the number of saved log files.
Change default log file directory.
The log.properties file is located in the MSSData\properties directory.
If you are using a pre 12.2 version of Management and Security Server or Reflection for the Web, see Paths in Earlier Versions to locate the ReflectionData directory. Then, open the properties directory.
An Example: template_log.properties File
You will find a sample template_log.properties file located in the properties directory that you can use to customize logging properties. The template shows examples of the options that can be changed.
Use the template file as a reference, or copy and paste its contents into the log.properties file to modify as needed. Once changes are complete, you must restart the MSS Server (or Reflection server) service for the changes to take effect.
template_log.properties
# Use this file as a template for customizing the logging properties of this webapp.# The actual filename should be log.properties and placed in the same directory as this file.# WARNING: There is UI in this webapp that will also write values to log.properties (e.g. logging levels).######################################################################### RWeb log configuration## Accepts the following settings:# com.wrq.log[.log_name].level = log_level# com.wrq.log[.log_name].handlers = handler_class[,handler_class]*## if handlers includes java.util.logging.FileHandler:# com.wrq.log[.log_name].java.util.logging.FileHandler.pattern = file_pattern# com.wrq.log[.log_name].java.util.logging.FileHandler.limit = file_limit# com.wrq.log[.log_name].java.util.logging.FileHandler.count = file_count# com.wrq.log[.log_name].java.util.logging.FileHandler.append = file_append# com.wrq.log[.log_name].java.util.logging.FileHandler.encoding = encoding_string## if handlers includes java.util.logging.SocketHandler:# com.wrq.log[.log_name].java.util.logging.SocketHandler.host = socket_hose# com.wrq.log[.log_name].java.util.logging.SocketHandler.port = socket_port# com.wrq.log[.log_name].java.util.logging.SocketHandler.encoding = encoding_string## where:# log_name is optional and accepts one of the following values:# (omitted) - affects default value for all logs# awsaudit - management server# context - receives all messages for this context, mainly for client alert UI# credentialaudit - management server# idmaudit - ID server# idmevent - ID server# meter - metering server# proxyaudit - security proxy# trace - receives all messages# useraudit - management server## All elements with 'java.util.logging' in their names have the same meanings and# values as defined in the Java system logging configuration, with two additional tokens:# %d - data_root directory, must appear at the beginning of the string if used# %f - the logger's default filename, for example, the trace logger has a default filename of "trace"## All settings are optional, and have the following default values:# com.wrq.log.level = INFO# com.wrq.log.file_limit = 2500000# com.wrq.log.file_count = 10# com.wrq.log.file_path = %d/log/%f.%g.log# com.wrq.log.append = false######################################################################### default level# com.wrq.log.level = INFO## uncomment the following line to allow debug messages to be written to the trace log#com.wrq.log.trace.level = ALL# default 2.5MB max per file# com.wrq.log.file_limit = 2500000# default keep generations 0..9 per log# com.wrq.log.file_count = 10# default write log files to log directory under data root# com.wrq.log.file_path = %d/log/%f.%g.log# default rotate to new log file on restart, caution: setting to true may cause XML parsing errors# com.wrq.log.append = false# default context logger passes all messages to trace log with no additional handlers# com.wrq.log.context.handlers = ""Gathering Log Files to View on another Server or to Send to Technical Support
Copy the following files from the MSSData\log (or ReflectionData\log) directory:
awsaudit.<n>.log
credentialaudit.<n>.log
useraudit.<n>.log.
You can copy or view these files without having to stop the MSS server. After you gather the files, copy them to another server for viewing or if requested, send them to Technical Support.
Note: The log files are generated such that the lowest generation number (.0) is the current one, and higher numbers are successively older.
If the (.0) log file covers the period where the event occurred, then gathering (.0) is sufficient. Otherwise, gather additional log files. The file count limit for each log file is 10. The files with .lck extensions are not needed for viewing.
View Full Size
Figure 5 - .lck files