Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

Logger Configurations

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on October 29 2020 at 22:08 UTC

Hi Saviynt Team,

Working with other products, I've usually come across logging configurations that may show relevant events, such as reconciliation, provisioning, login, UAR, approval events that may take place. Does Saviynt have any recommendations to clients to setup logging in a manner that would be most beneficial without overrunning the logs on backend processes that shouldn't be of concern until a subsequent ticket needs to be generated?



thanks!

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
5 REPLIES 5

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on November 2 2020 at 03:51 UTC

Following points provide details for each of the SSM Logger Categories:

Controller Loggers: Controller is the key software component of SSM. All HTTP requests and responses are passed to the Controller. The Controller identifies, whether it is a get or post request and based on the type of request, it is either routed to Database or Service Loggers. Service Loggers: Service Logger contains the business logic for processing a request. It provides classes for various modules. Domain Class Loggers: It provides details of all the properties for various objects in SSM. For example, for a user object, the domain class provides details of various attributes belonging to a user 'jsmith'. Similarly, other domain class provides details of properties for accounts, endpoints, security systems, connections, analytics, campaign, SOD, and for all other modules respectively.Grails Loggers: Grails loggers consists of the logger details for: Grails Application, Controllers, Services, Domains, Filters, TagLibs, Grails Web Requests, URL Mappings, Plugins, and Apache Commons. 3rd Party Loggers: Third-party loggers are used to fetch logs for 3rd party softwares used by SSM such as: Spring, Spring Security, SQL, Hibernate, SAML SSO, and JBPM.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on November 2 2020 at 18:23 UTC

Hey Raghu,

Thank you for the response. This is helpful in understanding what each logger is doing, but is there any recommendation as to which level to set these on initially? There are a lot of sub-loggers underneath each of these categories as well, so what would be recommendation in those?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on November 3 2020 at 04:44 UTC

Ideally, in a stable Production environment you should keep logs to the minimum. Don't enable logging to any component unless you want to observe something & want to trouble shoot.


Severity Levels for Logging

The severity level of logs in the ascending order (increasing order) are TRACE, DEBUG, INFO, WARN, ERROR, and FATAL. Selecting a log level also adds logs for the higher levels. For example, if you select WARN, it adds logs for WARNING, ERROR, and FATAL. The following table provides a description of the various severity levels:

Action

Description

OFFSelect OFF, if you do not want to add log entries in the log file and disable the logging for selected Logger Name.
TRACE

If you want to find out one part of a function, you can use TRACE. For example, if you have an algorithm, which goes through multiple steps, TRACE prints information about each of those steps at the finest level. The output and input of each step are included in TRACE. Turning on TRACE includes all Debug, Warning, Errors and Fatal log details.

It is not recommended though to enable Trace level logging for sustained periods because it degrades the performance of the application to a higher extent. Enabling TRACE, creates an abundance of log data that is unsustainable due to disk/bandwidth constraints. Instead of using TRACE, DEBUG can be a substitute as DEBUG can be enabled for a sustained higher period of time.

DEBUGIt is used to identify and log debug information that is helpful to SystemAdmin, IT developers and software developers. Debug severity level can be enabled for a longer period of time.
INFOThis is used to log and add entries pertaining to informational purpose also in the log file.
WARNThis is used to capture the WARNING related log entries to the log file. Anything that can potentially cause system oddities to a lesser extent, but for which you can automatically recover is flagged as WARNING.
ERRORThis is used to capture the ERROR and FATAL related log entries to the log file. Any error which is fatal to the operation, but not the service or application (can't open a required file, missing data, and so on.). These errors will force user (administrator, or direct user) intervention. These are usually reserved for incorrect connection strings, missing services, and so on.
FATALThis level is used to capture an error that is forcing a shutdown of the service or application to prevent data loss (or further data loss).
This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on November 23 2020 at 04:05 UTC

Hi,


I will be using SOAP and Rest connector for pulling users from HR systems or Disconnected applications. In this case, which logger configuration is suitable for capturing errors or other info which helps in troubleshooting REST\SOAP connectors?



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on November 24 2020 at 13:01 UTC

Any update on my above question

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.