To log error in process handing in the system journal
At the process steps in the Designer, enable the Log errors to journal option.
For detailed information about editing processes and process steps, see the One Identity Manager Configuration Guide.
One Identity Manager logins and One Identity Manager logoffs can be recorded in the system journal.
NOTE: Logins and logoffs are recorded in the QBM_VDialogJournalLoginAudit view.
To record successful One Identity Manager logins
In the Designer, set the Common | Journal | LoginAudit configuration parameter.
To record One Identity Manager logoffs
In the Designer, set the Common | Journal | LogoffAudit configuration parameter.
To support troubleshooting in OAuth 2.0/OpenID Connect authentication you can log personal login data, such as information about tokens or issuers. The log is written to the object log file (<appName>_object.log) of the respective One Identity Manager component.
To log authentication data
In the Designer, set the QBM | DebugMode | OAuth2 | LogPersonalInfoOnException configuration parameter.
Configuration setting for logging messages are made by NLog in Globallog.config. Globallog.config is referenced in the One Identity Manager component's configuration files.
IMPORTANT: The settings in globallog.config apply globally to all One Identity Manager components. Use the application specific *.exe.config configuration file to customize individual components.
NOTE: The default settings of the globallog.config file assume that %localappdata% has write access.
If an *.exe does not have the correct permissions, by changing the logBaseDir variable in globallog.config or by introducing a special log configuration in the application-specific *.exe.config or Web.config configuration file, you can write the log to a directory with write access.
Use variables to define names, output path and layout of the log files. The variable appName is defined in the One Identity Manager component's configuration files.
The targets section defines the output targets for the messages. NLog already has predefined targets that you can use in the configuration file.
The rules section is used to define rules for logging the messages. For an exact description and functionality of NLog, see the online help (http://nlog-project.org/).
<nlog autoReload="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<variable name="companyName" value="One Identity"/>
<variable name="productTitle" value="One Identity Manager"/>
<variable name="logBaseDir" value="${specialfolder:LocalApplicationData}/${companyName}/${productTitle}/${appName}"/>
<variable name="layout" value="${longdate} ${level:upperCase=true} (${logger} ${event-context:item=SessionId}) : ${event-context:item=Indention}${message} ${exception:format=ToString,StackTrace}" />
<targets async="true">
<default-wrapper xsi:type="BufferingWrapper" bufferSize="256" flushTimeout="2000" />
<target name="logfile" xsi:type="File" fileName="${logBaseDir}/${appName}.log" layout="${layout}" encoding="utf-8"
archiveFileName="${logBaseDir}/${appName}.{#}.log" maxArchiveFiles="7" archiveEvery="Day" archiveNumbering="Rolling"/>
</targets>
<targets>
<target name="eventLog" xsi:type="EventLog" source="${companyName} ${productTitle} ${appName}" layout="${message}${newline}${exception:format=tostring}"/>
</targets>
<rules>
<logger name="*" minlevel="Info" writeTo="logfile"/>
<logger name="*" level="Fatal" writeTo="eventLog"/>
</rules>
</nlog>
You can enter the severity level through:
| Severity Level | Description |
|---|---|
| Trace | Logs highly detailed information. This setting should only be used for analysis purposes. The log file quickly becomes large and cumbersome. |
| Debug | Logs debug steps. This setting should only be used for testing. |
| Info | Logs all information. |
| Warning | Logs all warnings. |
| Error | Logs all error messages. |
| Fatal | Logs all critical error messages. |
By providing logger name, you specify for which One Identity Manager components messages are logged. Messages are logged for all components with the default setting logger name="*". To limit logs to certain components, use the name contained in the log.
| Logger name | Description |
|---|---|
| FrontendLog | Logs actions in front-ends. |
| JobGenLog | Logs during process generation. |
| Jobservice | Logs One Identity Manager Service messages. |
| ObjectLog | Logs object actions through the object level. |
| ProjectorEngine | Logs messages from the synchronization engine. |
| SqlLog | Logs database queries |
| StopWatch |
Logs timings. |
| SystemConnection | Detailed logging of data communication with the system connection during synchronization, including system configuration and system connectors' data communication. |
| SystemConnector | Logs system connector data communication during synchronization. |
| Update | Logs update handling. |
| WebLog | Logs Web service actions. |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center
