Logging is one of the most important aspects of a production-grade server. A properly configured logging system is vital for identifying errors, security threats and usage patterns. All WSO2 products are shipped with the log4j logging capabilities, which generates administrative activities and server side logs. The log4j.properties
file, which governs how logging is performed by the server can be found in the <PRODUCT_HOME>/repository/conf
directory.
Java logging and Log4j integration: In addition to the logs from libraries that use Log4j, all logs from libraries (such as, Tomcat, Hazelcast and more) that use Java logging framework are also visible in the same log files. That is, when Java logging is enabled in Carbon, only the Log4j appenders will write to the log files. If the Java Logging Handlers have logs, these logs will be delegated to the log events of the corresponding Log4j appenders. A Pub/Sub registry pattern implementation has been used in the latter mentioned scenario to plug the handlers and appenders. The following default log4j appenders in the log4j.properties
file are used for this implementation:
org.wso2.carbon.logging.appenders.CarbonConsoleAppender
org.wso2.carbon.logging.appenders.CarbonDailyRollingFileAppender
Managing log growth: Log growth can be managed by the following configurations in the <PRODUCT_HOME>/repository/conf/
log4j.properties
file.
- Configurable log rotation: By default, log rotation is on a daily basis.
- Log rotation based on time as opposed to size: This helps to inspect the events that occurred during a specific time.
- Log files are archived to maximise the use of space.
The log4j-
based logging mechanism uses appenders to append all the log messages into a file. That is, at the end of the log rotation period, a new file will be created with the appended logs and archived. The name of the archived log file will always contain the date on which the file is archived.
Identifying forged messages: From Carbon 4.4.3 onwards, it is possible to use a UUID in the log messages so that any forged messages can be easily identified. The UUID is logged using a new conversion character ‘K’ in the log pattern layout. By default, the UUID will be generated every time the server starts. However, you can configure your server to generate the UUID more or less frequently, by specifying an exact time interval in the log4j.properties
file.
See the following topics related to log management in WSO2 Carbon products;
Configuring products for log monitoring
Given below are ways to configure log4j files:
- Manually editing the
log4j.properties
file. - Configure logging using the management console.
Using the management console to configure logging is recommended because all changes made to log4j through the management console persists in the WSO2 Registry. Therefore, those changes will be available after the server restarts and will get priority over what is defined in the actual log4j.properties
file. Also, note that the logging configuration you define using the management console will apply at run time. However, if you modify the log4j.properties
file and restart the server, the earlier log4j configuration that persisted in the registry will be overwritten. There is also an option in the management console to restore the original log4j configuration from the log4j.properties
file.
Monitoring logs
In each Carbon product, users can configure and adjust the logging levels for each type of activity/ transaction. There are several ways to view the system log and application logs of a running Carbon instance.
- Through the log files that are stored in the
<PRODUCT_HOME>/repository/logs
folder. This folder contains current logs in a log file with a date stamp. Older logs are archived in thewso2carbon.log
file. - Through the command prompt/shell terminal that opens when you run the "
wso2server.bat
"/"wso2server.sh
" files to start the Carbon server. - Through the advanced monitoring capabilities in WSO2 BAM.
- Through the management console of your product.