pki-server-logging - Man Page

PKI Server Logging Configuration

Location

/var/lib/pki/instance/conf/logging.properties, /var/lib/pki/instance/conf/subsystem/CS.cfg

Description

PKI server logging can be configured using the following logging frameworks:

java.util.logging

Tomcat uses java.util.logging (JUL) as the default logging framework. The configuration is described in Tomcat Logging ⟨http://tomcat.apache.org/tomcat-9.0-doc/logging.html⟩.

The default configuration is located at /usr/share/pki/server/conf/logging.properties. During server deployment a link will be created at /var/lib/pki/instance/conf/logging.properties.

By default only log messages with level WARNING or higher will be logged on the console (i.e. systemd journal).

java.util.logging.ConsoleHandler.level = ALL
java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter

java.util.logging.SimpleFormatter.format = %4$s: %5$s%6$s%n

The systemd journal can be viewed with the following command:

$ journalctl -u pki-tomcatd@<instance>.service

For more information see the following documents:

Internal Logging

Each PKI subsystem uses an internal logging framework for debugging purposes.

The logging configuration is stored in /var/lib/pki/instance/conf/subsystem/CS.cfg.

debug.level=10

The debug.level determines the amount of details to be logged. The value ranges from 0 (most details) to 10 (least details). The default value is 10.

Customization

java.util.logging

To customize JUL configuration, replace the link with a copy of the default configuration:

$ rm -f /var/lib/pki/<instance>/conf/logging.properties
$ cp /usr/share/pki/server/conf/logging.properties /var/lib/pki/<instance>/conf
$ chown pkiuser.pkiuser /var/lib/pki/<instance>/conf/logging.properties

Then edit the file as needed. For example, to troubleshoot issues with PKI library add the following lines:

netscape.level = ALL
com.netscape.level = ALL
org.dogtagpki.level = ALL

To troubleshoot issues with RESTEasy add the following line:

org.jboss.resteasy.level = ALL

Then restart the server.

Internal Logging

To customize the internal logging configuration, edit the CS.cfg as needed, then restart the server.

Authors

Dogtag PKI Team &lt;devel@lists.dogtagpki.org&gt;.

See Also

pki-logging(5)

Referenced By

pki-logging(5).

November 3, 2016 PKI Server Logging Configuration