RapidIdentity Product Guide: New UI

Logs

The Logs interface allows administrators to configure global RapidIdentity logging settings and updates the Logs interface in the legacy RapidIdentity Appliance user interface. 

Administrators can configure Log settings in the following four interfaces.

  1. Logger Settings

  2. Debug Policies

  3. Audit Logs

  4. Local Server Logs

Logger Settings

The Logger Settings interface allows administrators to configure loggers and their associated log levels. The level set for a logger is inherited by all loggers that are lower in the hierarchy without their own specific settings.

Warning

Since there are so many possible loggers that can be configured, this menu should only be modified under the direction of RapidIdentity Support.

Logger_Settings2.png

RapidIdentity pre-defines two settings:

  • Global RapidIdentity - sets the default level for logging specific to RapidIdentity

  • Root Logger - sets the default level for everything else, including logging done by third party and open source libraries included in the software

The primary action that administrators take here is to change the level for one of these two loggers. To do this, hover over the rightmost column next to the logger to be modified and click Details.

Logger_Details.png

The Edit Logger right sidebar will appear, where the Log Level of the chosen logger can be altered. Choose the desired log level and click Save.

Edit_Logger.png
Add Logger

Administrators can also add settings for more specific loggers in the hierarchy. The logger name must be the name of the logger as provided by an Identity Automation Support Engineer. The menu settings are as follows:

  1. Off

  2. Trace

  3. Debug

  4. Info

  5. Warn

  6. Error

  7. Inherit

Add_Logger.png

Warning

The DEBUG and TRACE Levels on Root Logger will result in a firehose and should only be done for short periods of time. Setting those levels for Global RapidIdentity is less risky, but should not be left on all the time. Either of these left on could result in running out of disk space on the appliance(s).

After then new log level is configured, click Save.

Debug Policies

The Debug Policies interface allows users to configure policies to provide more granular information during the troubleshooting process.  

Debug_Policies_-_Main.png

Administrators can add and remove policies on demand. Follow these steps to add or remove a debug policy.

  1. From the Debug Policies interface, click Add Policy.

    Add_Debug_Policy.png
  2. When the Add Policy side bar opens, select a debug Type first from the drop-down box. There are ten options available.

    1. Debug Session ID

      Note

      The Session ID can be found by navigating to https://<system URL>/supportInfo as an administrator. (The suffix is case-sensitive - ensure the I in Info is capitalized.)

    2. Username

    3. idautoID

    4. Email

    5. Auth Token

    6. Client IP

    7. Forwarded Client IP

    8. Client User Agent

    9. Custom Key Value

    10. Marker

  3. Next, enter an appropriate value in the Value field and choose whether the debug policy should focus on RapidIdentity or everything in the appliance.

  4. Only the Custom Value Key allows administrators to enter a value in the Key field, which should correspond to a different attribute or key from the available choices in the Type drop-down box.

  5. As values are entered, they display in the Debug Policies table. Once the policy configuration is complete, click Save.  

  6. If a Debug Policy is no longer necessary, click the checkbox and then click Delete.

Audit Logs

The Audit Logs interface allows administrators to look at the audit logs being run against RapidIdentity. The default setting is 1000 lines; however, administrators can manually modify that number by entering a different number or using the up and down arrows visible on the right side of the number field on mouse hover.

These logs are configured in Configuration > Security > Audit Logging and are visible here when generated. Audit logs are only populated if file-based logging is enabled, and the contents of the audit files are local to the server.

Audit_Logs.png
Local Server Logs

The Local Server Logs interface allows administrators a quick view of the server logs on which RapidIdentity is installed. The default setting is 1000 lines, however, administrators can choose to modify the line number by manually entering a different number or using the number chooser when the cursor is placed in the Lines box.

Local_Server_Logs.png