The first place to look when you run into an issue with Data Governance Edition is the logs. The Data Governance Edition logs available are:
Data Governance configuration wizard log
Log name: Data Governance Configuration Wizard.exe.dlog
The Data Governance configuration wizard log is stored as a Trace log document (dlog) in the users AppData directory. For example: C:\Users\MyName.MyDomain\AppData\Local\One Identity\One Identity Manager\Data Governance Configuration Wizard\.
Used for capturing errors encountered while using the Data Governance Configuration wizard to deploy the Data Governance service and create the Resource Activity database.
Data Governance server log
Log name: DataGovernanceEdition. Service.exe.dlog
NOTE: The Data Governance server maintains rolling log files based on settings found in the DataGovernanceEdition.Service.exe.config file, therefore there may be multiple server log files in the Data Governance service installation directory. The first log file is the active log and is being maintained by the server. When this log file reaches a specified size, it is renamed (a number is appended to the name) and a new file is started with the original name.
NOTE: By default, the logging level is set to INFO. To change the logging level to get detailed logging:
- Locate the DataGovernanceEdition.Service.exe.config file in the Data Governance service installation directory.
-
Open the configuration file and edit the following setting:
<rules>
<logger name="*" minlevel="INFO" writeTo="logfile">
- Change INFO to DEBUG to get detailed logging.
- Save the file.
The server log is stored as a Trace log document (.dlog) in the Data Governance service installation directory. For example: %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Server\.
Used for capturing the following information:
- Data Governance service communication
- Group resolution and group expansion
- Agent lease expiration information
- Points Of Interest (POI) collection information
- Resource activity updates
- Security changes made on a resource from the Manager
- Incoming web service calls related to Data Governance Edition from the One Identity Manager web site
NOTE: In previous versions of Data Governance Edition, individual server log files were generated. Starting with Data Governance Edition version 7.0.2, the logging information from all of these server logs are now available in this single server log file.
Server logs can be viewed as described below:
- In the Manager, use the Get All Logs task to export the server log to a specified location. From that location, double-click the log file to view the log in the Log Viewer. For more information, see Getting server logs.
- From the Data Governance service machine, double-click the log file or right-click and select Open to view the log in the Log Viewer.
Applications and Services event logs
Severity error level events and audit events are written to the Applications and Services event logs on the Data Governance server under the "Data Governance" node.
- Severity error level errors have a "Source" of "Data Governance Edition".
- Audit events contain information on operations run by the server (such as security changes) and have a "Source" of "Data Governance Audit".
Data Governance agent deployment logs
Log name: <Agent name>_Agent.log
The agent deployment logs are stored as text files in the Agent Deployment Logs folder in the Data Governance service installation directory. For example: %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Server\Agent Deployment Logs\.
Used for capturing the agent deployment process for each individual agent. There is a separate agent deployment log for each agent installed in your Data Governance Edition deployment.
Agent deployment logs can be viewed as described below:
- In the Manager, use the Get All Logs task to export the agent deployment logs to a specified location. From that location, double-click the log file to view the log. For more information, see Getting server logs.
- From the Data Governance service machine, double-click the log file or right-click and select Open to view the log.
Data Governance agent logs
Log name: DataGovernance.Agent.exe.dlog
NOTE: By default, the logging level is set to INFO. To change the logging level to get detailed logging:
- Locate the agent's dlog.config file on the host computer in the agent installation directory (%ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\<Agent instance directory>\dlog.config).
-
Open the configuration file and edit the following setting:
<rules>
<logger name="*" minlevel="INFO" writeTo="logfile">
- Change INFO to DEBUG to get detailed logging.
-
Save the file.
No agent restart is required.
An agent log is stored as a Trace log document (.dlog) in a subfolder on the host computer in the agent installation folder. For example:
%ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DGE_<DeploymentName>_<HostDnsName>\.
Used for logging communications, synchronization processes and data transfers between the Data Governance server and the agent.
Agent logs can be viewed as described below:
- From the Manager, use the Export agent log task to export the selected agent log to a specified location. From that location, double-click the log file to view the log in the Log Viewer. For more information, see Exporting agent log.
- From the agent machine, double-click the log file or right-click and select Open to view the log in the Log Viewer.
Web client logs
The Web client log files are located in the following directory: C:\inetpub\wwwroot\IdentityManager\App_Data\Logs.
This directory contains a series of log files all named with a time stamp.
Errors encountered with the web client IT Shop are recorded to the web client logs.
The best way to get the proper log is to replicate the issue and take the file with the greatest timestamp.
Job server logs
The default URL for a Job Server log is: http://JobServerHost:1880/Log
Often when you have errors with Active Directory synchronization or report execution you can find clues in the One Identity Manager Job Server logs. In addition, errors encountered with the process chains used to process resource access requests in the IT Shop are recorded in the Job Server logs.
With a default configuration, you can browse these logs by launching a web browser and navigating to a specific URL on the computer hosting the Job Server.
Manager client log
Log name: QAM.Client.Log.dlog
If experiencing issues with Data Governance Edition inside the Manager client, enable the Data Governance Edition client side logging to determine if the issue is related to the user interface rather than the Data Governance server.
NOTE: By default, the logging level is set to INFO. To change the logging level to get detailed logging:
- Locate the Data Governance Edition client log configuration file (%ProgramFiles%\One Identity\One Identity Manager\QAM.Client.Log.config).
-
Open the configuration file and edit the following setting:
<rules>
<logger name="*" minlevel="INFO" writeTo="logfile">
- Change INFO to DEBUG to get detailed logging.
-
Save the file.
The Manager client log files are located in the user profile directory:
C:\Users\<Your User Name>\AppData\Local\One Identity\One Identity Manager\Manager
NOTE: To enable the latest LogView logging for the Manager client, modify the Manager configuration file (%ProgramFiles%\One Identity\One Identity Manager\Manager.exe.config) as follows:
Comment out the following:
<include file="${basedir}/globallog.config" ignoreErrors="true"/>
Add the following:
<include file="${basedir}/QAM.Client.Log.config" ignoreErrors="true"/>