APM Command Center Logging Settings

Change the default settings for the Configuration Server or an Agent Controller log file.
apmdevops106
Change the default settings for the Configuration Server or an Agent Controller log file.
Follow these steps:
  1. Open the
    APMCommandCenterServer/config/apmccsrv.properties
     file or
    APMCommandCenterController/config/apmccctrl.properties
     file.
  2. Go to the Logging section.
    The Logging section defines the location of the log file and the logging level for loggers.
  3. Make the required changes.
  4. Restart the Configuration Server or Agent Controller for the changes to take effect.
To change the log level to DEBUG for the Configuration Server, do not change the root log level. Add a new property:
logging.level.com.ca.apm=DEBUG
. This setting ensures that debug messages are logged only for the Configuration Server and not for other components, such as web server, database, and messaging.
audit.log File
The
audit.log
 file records all operations, such as log level changes, login attempts, and user activity, in Command Center. All activity is in a log file in JSON format. Parse this file to obtain information, such as remoteIP, user names, and any other activity details. The file adds an audit log entry for each HTTP request. The entry is a timestamped message containing a JSON serialized object.
The following fields show typical log entries:
Field
Type
Description
timestamp
String
Time at which the request was received.
user
String
Name of the user who is authenticated in the session that is referenced by the request.
sessionId
String
ID of the session that is referenced by the request.
authenticated
Boolean
The session references an authenticated user.
authenticationAttempted
Boolean
An authentication attempt was invoked by the request.
authenticationAttemptResult
Boolean
If an authentication attempt was invoked by the request, this field indicates the result of that attempt.
authenticationAttemptedUsername
String
If an authentication attempt was invoked by the request, this field indicates the username that is supplied in that attempt.
authenticationMethod
String
Various login methods exist in Command Center (for example, username and password combination, SAML, or token). This field indicates which method was used. Specifically, this field denotes the class of the authentication token implementation that is returned by authentication.
httpStatus
Integer
The HTTP status of the response.
remoteHost
String
The IP address from which the request was issued.
userAgent
String
Value of the User-Agent HTTP header sent in the request.
auditLogEntries
Array
Additional information that is related to specific operations performed by the request.
warningTextString
String
A warning that the REST API received too many requests.
Define the location, the maximum size of the audit log file, and the maximal number of indexed audit log backup files. You can define these properties or can leave them depending on your needs.
Follow these steps:
  1. Open the
    APMCommandCenterServer/config/apmccsrv.properties
     file.
  2. Go to the
    Audit Log
    section and make the required changes:
    # Audit log file name pattern. Must contain date placeholder %d
    # with optional date format, e.g. %d{yyyy-MM-dd}
    logging.audit.file=logs/audit-%d.log
     
    # Maximum number of archive files to keep. 0 means keep all the archive files, do not delete anything
    logging.audit.maxHistoryFiles=33
     
    # Minimum allowed interval between REST API calls. If interval between
    # calls is less than configured value then we generate warning record in
    # audit log and REST call is rejected with HTTP 429 Too Many Requests
    # The value is a positive integer. 0 means no warnings are generated.
    logging.audit.minIntervalBetweenRestApiCallsInMsecs=0
  3. Restart the Configuration Server for the changes to take effect.
Command Center starts only when the log file is writable. This security feature prevents the logging from being circumvented.