Skip to main content
Version: 8.7

Configure logging

Configure and use logging to access detailed operational information for Identity .

Identity logging configuration

The Identity component uses the Apache Log4j2 framework to control the log level and log format.

The logging configuration included in the Identity image is as follows:

<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN" monitorInterval="30">
<Properties>
<Property name="LOG_PATTERN">%clr{%d{yyyy-MM-dd HH:mm:ss.SSS}}{faint} %clr{%5p} %clr{${sys:PID}}{magenta}
%clr{---}{faint} %clr{[%15.15t]}{faint} %clr{%-40.40c{1.}}{cyan} %clr{:}{faint} %m%n%xwEx
</Property>
<Property name="LOG_FILE_PATTERN">%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{1.} %enc{%msg}%n
</Property>
<Property name="LOG_FILE_NAME_PATTERN">logs/identity.%d{yyyy-MM-dd-mm-ss}.log</Property>
</Properties>
<Appenders>
<Console name="Console" target="SYSTEM_OUT" follow="true">
<PatternLayout pattern="${env:IDENTITY_LOG_PATTERN:-${LOG_PATTERN}}"/>
</Console>
<Console name="Stackdriver" target="SYSTEM_OUT" follow="true">
<JsonTemplateLayout eventTemplateUri="classpath:GcpLayout.json" locationInfoEnabled="true"/>
</Console>
<RollingFile
name="File"
fileName="${env:IDENTITY_LOG_FILE_NAME:-logs/identity.log}"
filePattern="${env:IDENTITY_LOG_FILE_NAME_PATTERN:-${LOG_FILE_NAME_PATTERN}}"
append="true">
<PatternLayout pattern="${env:IDENTITY_LOG_FILE_PATTERN:-${LOG_FILE_PATTERN}}"/>
<Policies>
<TimeBasedTriggeringPolicy interval="${env:IDENTITY_LOG_FILE_ROTATION_DAYS:-1}"/>
<SizeBasedTriggeringPolicy size="${env:IDENTITY_LOG_FILE_ROTATION_SIZE:-50 MB}"/>
</Policies>
</RollingFile>
</Appenders>
<Loggers>
<Logger name="io.camunda.identity" level="${env:IDENTITY_LOG_LEVEL:-info}"/>
<Root level="warn">
<AppenderRef ref="${env:IDENTITY_LOG_APPENDER:-Console}"/>
</Root>
</Loggers>
</Configuration>

General configuration options

Identity provides support for configuring the log level:

Environment variableAccepted values
IDENTITY_LOG_LEVELOFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE, ALL

Supported logging outputs

As part of configuration, Identity provides multiple appenders for outputting logs.

To configure which logging appender is used, set the IDENTITY_LOG_APPENDER environment variable to either Console, Stackdriver, or File.

Console

Console logging produces messages to standard output and is the default log appender. The Console log appender offers additional configuration options as follows:

Environment variableAccepted values
IDENTITY_LOG_PATTERNSee the Log4j2 pattern layout docs for possible placeholders.

Stackdriver

The Stackdriver log appender produces messages to standard output in a format that is compatible with the GCP cloud platform.

This appender uses the GCP layout provided by the Log4j2 library.

File

The File log appender produces messages to a rotating log file. The File log appender offers additional configuration options as follows:

Environment variableAccepted values
IDENTITY_LOG_FILE_PATTERNSee the Log4j2 pattern layout docs for possible placeholders.
IDENTITY_LOG_FILE_ROTATION_DAYSSee the Log4j2 time-based triggering policy -> interval for possible values.
IDENTITY_LOG_FILE_ROTATION_SIZESee the Log4j2 size-bsed triggering policy for possible values.

Custom logging configuration

You can provide your own logging configuration by mounting a configuration file to the Identity container and setting the path to the file using the following variable:

Environment variablePurpose
LOGGING_CONFIGThe path to your Log4j2 config XML file
note

To write logs to a file in a containerized environment, the mounted directory containing the log file has to be writable under the user running Identity.