Morning All,
First, thanks to Dave from the New School for producing the deployment guide; it was a great help for us migrating
from CAS 3 -> CAS 5, which we’ve recently done.
I’ve a couple of issues with logging I wouldn’t mind throwing out here.
1/.
I set a TimeBasedTriggeringPolicy of a day (via interval of 1 and pattern of yyy-MM-dd) and removed the size="10 MB" from the SizeBasedTriggeringPolicy in our
Log4j2.xml file but noticed our logs were still rolling at 10/11MB when we left in the <SizeBasedTriggeringPolicy /> line.
Without it they just roll daily as expected. I’m not sure if this is something unique to us and haven’t found any log4j2 docs that imply there’s a default
if it’s left in without a value. Can anyone else clarify if the SizeBasedTriggeringPolicy should be removed or this is a local issue?
2/.
I created another Appender and AsyncLogger to send logs to our ELS stack via logstash. Our TGTs are not being ****’d out in those logs. Given the
below configs, the TGTs are obfuscated in cas_json.log but not in logstash. Is this as expected / do I need to do the obfuscation in logstash?
Cheers,
Duncan
<RollingFile name="dbbfile" fileName="${sys:cas.log.dir}/cas_json.log" append="true"
             filePattern="${sys:cas.log.dir}/cas_json-%d{yyyy-MM-dd}-%i.log">
    <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
    <Policies>
        <OnStartupTriggeringPolicy />
        <TimeBasedTriggeringPolicy interval="1" modulate="true"/>
    </Policies>
</RollingFile>
<CasAppender name="casJson">
    <AppenderRef ref="dbbfile" />
</CasAppender>
<Socket name="socket" host="logstashhost" connectTimeoutMillis="3000"
        port="9500" protocol="TCP" ignoreExceptions="false" >
    <JsonLayout compact="true" complete="false" eventEol="true" />
    <SerializedLayout />
</Socket>
<AsyncLogger name="org.apereo" additivity="true" level="info">
    <appender-ref ref="casJson" />
    <appender-ref ref="socket" />
</AsyncLogger>
--
DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY
71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david...@newschool.edu

Hi All,
In case anyone else is wondering, it looks like there is a default 10MB size on the SizeBasedTriggeringPolicy.
Dave, I’ve CC’d you as the instructions at
https://dacurry-tns.github.io/deploying-apereo-cas/building_server_configure-logging-settings.html
will cause loss of data if I’m not mistaken. Leaving in the SizeBasedTriggeringPolicy line will roll the logs at 10MB and, combined with the
removal of the -%i from the filePattern="%d{yyyy-MM-dd-HH}-%i.log" line, will cause logs to be overwritten every 10MB rather than incrementing
a sequence number. Leaving in the -%i seems a nice safety net anyway, as if logs ever roll unexpectedly you’ll not overwrite anything.
I’ve not found why the TGTs are not masked when logged to a socket rather than a file though. Anyone? We’re running CAS 5.2.3.
Cheers,
Duncan
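
Added example, not part of the original posts and not Apereo or log4j2 project code: a small Python check for the two configuration points raised in this thread, run over a constructed sample modelled on the quoted config. The `lint` function and its finding labels are hypothetical names, and the second check assumes, in line with what the thread observes, that ticket masking applies only to appenders wrapped in a `CasAppender`.

```python
import xml.etree.ElementTree as ET

# Constructed sample: size policy left in, "-%i" removed from filePattern,
# and one logger writing to both a wrapped and an unwrapped appender.
SAMPLE = """<Configuration>
  <Appenders>
    <RollingFile name="dbbfile" fileName="cas_json.log"
                 filePattern="cas_json-%d{yyyy-MM-dd}.log">
      <Policies>
        <SizeBasedTriggeringPolicy />
        <TimeBasedTriggeringPolicy interval="1" modulate="true"/>
      </Policies>
    </RollingFile>
    <CasAppender name="casJson"><AppenderRef ref="dbbfile"/></CasAppender>
    <Socket name="socket" host="logstashhost" port="9500" protocol="TCP"/>
  </Appenders>
  <Loggers>
    <AsyncLogger name="org.apereo" level="info">
      <appender-ref ref="casJson"/>
      <appender-ref ref="socket"/>
    </AsyncLogger>
  </Loggers>
</Configuration>"""

LOGGER_TAGS = {"Logger", "AsyncLogger", "Root", "AsyncRoot"}

def lint(xml_text):
    """Return findings for overwrite risk and unwrapped appenders."""
    root = ET.fromstring(xml_text)
    findings = []
    # Check 1: a size trigger (10MB default per the thread) can fire several
    # times per date period; without %i every roll reuses the same file name.
    for rf in root.iter("RollingFile"):
        has_size = rf.find(".//SizeBasedTriggeringPolicy") is not None
        if has_size and "%i" not in rf.get("filePattern", ""):
            findings.append(("overwrite-risk", rf.get("name")))
    # Check 2 (assumption): only CasAppender-wrapped appenders get masking,
    # so flag logger references that point straight at another appender.
    wrapped = {a.get("name") for a in root.iter("CasAppender")}
    for logger in root.iter():
        if logger.tag not in LOGGER_TAGS:
            continue
        for ref in logger:
            is_ref = ref.tag.lower().replace("-", "") == "appenderref"
            if is_ref and ref.get("ref") not in wrapped:
                findings.append(("unwrapped-appender", logger.get("name"), ref.get("ref")))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```
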