How to enable verbose / debug logging on Authentication Manager, AM Web Tier v. 8.x
3 years ago
Article Number
000068186
Applies To
RSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager Web Tier
RSA Version/Condition:  all 8.X
 
Issue
Need to see CTKip connection attempts in Web Tier logs, so need verbose logging.

The Web Tier config.xml file is located in the  <WT_Home>/server/config directory.
By default, the <WT_Home> installation path is;

   /opt/RSASecurity/RSAAuthenticationManagerWebtier 
or 
   C:\Program Files\RSA Security\RSA Authentication Manager Webtier 

You should make a backup of the original version of config.xml. When done editing the config.xml for debug/verbose logging, you should make another backup of the debug version of confiog.xml, so that you can rename the config.xml to either debug or non-debug depending on your troubleshooting needs.
Win_edit_config_xml

Linux_edit_config_xml
Tasks

1. Make a backup copy of original Web Tier config.xml file
2. edit config.xml 
    Locate <log> section
       change <log-file-severity>Info    to    Debug
       change <stdout-severity>Notice    to    Debug
    Add new section title    <server-debug>
3. Save config.xml
- you must restart Web Tier services to enable the changes
4. Restart Web Tier services
 - syntax errors in config.xml can prevent Web Tier services from starting.
 If Web Tier services start, then test debug output in the AdminServer.log
5. Make a copy of new debug config.xml for future use.
6. When done troubleshooting, optionally replace original config.xml and restart WT to turn off debug 
Linux_restart_WT_svc
Win_restart_WT_svc

Resolution
1. Make a backup copy of original Web Tier config.xml file
2. edit config.xml 
See screenshots in KB Issue section above
    Locate <log> section
Win_find_log_config_xml
       change <log-file-severity>Info    to    Debug
       change <stdout-severity>Notice    to    Debug
    Add new section title    <server-debug>
Linux_find_web-server_config_xml
The <server-debug> section that you will add is below, copy and paste it for accuracy.

<server-debug>
  <debug-scope>
  <name>weblogic.servlet.internal</name>
  <enabled>true</enabled>
  </debug-scope>
  <debug-scope>
  <name>weblogic.servlet.internal.session</name>
  <enabled>true</enabled>
  </debug-scope>
  <debug-scope>
  <name>weblogic.servlet.logging</name>
  <enabled>true</enabled>
  </debug-scope>
  <debug-http>true</debug-http>
  <debug-url-resolution>true</debug-url-resolution>
  <debug-http-sessions>true</debug-http-sessions>
  <debug-http-logging>true</debug-http-logging>
  <debug-web-app-module>true</debug-web-app-module>
</server-debug>

3. Save config.xml
- you must restart Web Tier services to enable the changes
4. Restart Web Tier services - See screenshots in KB Tasks section above
Notes
The config.xml file edits consist of making changes to one section to enable debug and Adding a new section to configure debug/
Note: <log> section ends with </log>. Defaults = Info, Notice. You will change those to Debug.
 - you must restart Web Tier services to enable the changes
 - syntax errors in config.xml can prevent Web Tier services from starting. 
 - both edits must be accurately made to produce debug output into the AdminServer.log files
 - be sure to replace your original config.xml to disable debug when done troubleshooting
 - keep a copy of the debug version of configxml for future troubleshooting

Related Articles

Trending Articles

Don't see what you're looking for?