How to turn on debug logging to troubleshoot AFX connectors in version 7.5.2 of RSA Governance & Lifecycle
Article Number
Applies To
Issue
Debug logging is extremely useful and informative for troubleshooting RSA Identity Governance & Lifecycle AFX connectors. This article describes the steps to enable AFX connector debug logging in SecurID Governance & Lifecycle version 7.5.2.
There is quite a bit of logging output into the following AFX logs but it generally does not provide the level of detail required to troubleshoot a specific AFX connector. These logs are:
The information logged to these connector-specific log files can be very useful when troubleshooting specific AFX connector issues. The amount of logging that is written to these connector-specific logs is controlled by two flags: INFO and DEBUG. By default the INFO flag is enabled. To log additional data to a connector-specific log file, the DEBUG flag can be enabled.
There is quite a bit of logging output into the following AFX logs but it generally does not provide the level of detail required to troubleshoot a specific AFX connector. These logs are:
- $AFX_HOME/esb/logs/mule_ee.log
- $AFX_HOME/esb/logs/esb.AFX-MAIN.log
$AFX_HOME/esb/logs/esb.AFX-CONN-<connector_name>.log
The information logged to these connector-specific log files can be very useful when troubleshooting specific AFX connector issues. The amount of logging that is written to these connector-specific logs is controlled by two flags: INFO and DEBUG. By default the INFO flag is enabled. To log additional data to a connector-specific log file, the DEBUG flag can be enabled.
NOTE: The connector_name is the name of the connector which correlates to a name column in an internal database table. This name may or may not be the same as the display name seen in the SecurID Governance & Lifecycle user interface under AFX > Connectors.
Resolution
To enable connector-specific debug logging, perform the following steps:
- Go to AFX > Connectors
- Choose the desired connector (for example: Active Directory Connector)
- Click on Edit Log Settings
- Change the root logger from INFO to DEBUG
- Press OK.
Note: Do not forget to reset the debug logging back to INFO to avoid flooding the logs.
To enable debug logging pre-7.0.1, please see RSA Knowledge Base Article 000033429 -- How to turn on debug logging to troubleshoot AFX connectors in versions 7.0.0, 6.9.1 and 6.8.1 of RSA Identity Governance & Lifecycle .
To enable debug logging in 7.0.1 through 7.5.0, please see RSA Knowledge Base Article 000053328 -- How to turn on debug logging to troubleshoot AFX connectors in versions 7.0.1 through 7.5.0 of RSA Identity Governance & Lifecycle
Notes
2019-10-21 15:13:28.327 [DEBUG] org.mule.api.processor.LoggerMessageProcessor:121 - XML Payload from JMS: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Envelope xmlns="http://aveksa.com/afx/messages/primary">; <Header> <version>1.0</version> <appid>ACM</appid> <crid>13</crid> <type>response</type> <callback>NA</callback> <afxid>66132122-4890-4fa0-93f7-d9f11b7c1898</afxid> <async-callback>false</async-callback> <async-callback-url>http://localhost:8089/callback/66132122-4890-4fa0-93f7-d9f11b7c1898</async-callback-url>; <testmessage>false</testmessage> </Header> <Body> <Request timestamp="2019-10-21T15:13:20.674-04:00" id="1"> <epid>Active_DirectoryConnector</epid> <verb name="AddAccountToGroup"> <parameters> <parameter name="Account">CN=Book\, Rita,OU=SE,OU=vcloud Users,DC=2k8r2-vcloud,DC=local</parameter> <parameter name="Group">CN=G1,OU=vcloud Users,DC=2k8r2-vcloud,DC=local</parameter> </parameters> </verb> <Response timestamp="2019-10-21T15:13:28.299-04:00"> <status> <code>0</code> <brief>Success</brief> <detailed></detailed> </status> </Response> </Request> </Body> </Envelope>
