Configure logging
Configure and use logging to access detailed operational information for Identity .
Identity logging configuration
The Identity component uses the Apache Log4j2 framework to control the log level and log format.
The logging configuration included in the Identity image is as follows:
<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN" monitorInterval="30">
<Properties>
<Property name="LOG_PATTERN">%clr{%d{yyyy-MM-dd HH:mm:ss.SSS}}{faint} %clr{%5p} %clr{${sys:PID}}{magenta}
%clr{---}{faint} %clr{[%15.15t]}{faint} %clr{%-40.40c{1.}}{cyan} %clr{:}{faint} %m%n%xwEx
</Property>
<Property name="LOG_FILE_PATTERN">%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{1.} %enc{%msg}%n
</Property>
<Property name="LOG_FILE_NAME_PATTERN">logs/identity.%d{yyyy-MM-dd-mm-ss}.log</Property>
</Properties>
<Appenders>
<Console name="Console" target="SYSTEM_OUT" follow="true">
<PatternLayout pattern="${env:IDENTITY_LOG_PATTERN:-${LOG_PATTERN}}"/>
</Console>
<Console name="Stackdriver" target="SYSTEM_OUT" follow="true">
<JsonTemplateLayout eventTemplateUri="classpath:GcpLayout.json" locationInfoEnabled="true"/>
</Console>
<RollingFile
name="File"
fileName="${env:IDENTITY_LOG_FILE_NAME:-logs/identity.log}"
filePattern="${env:IDENTITY_LOG_FILE_NAME_PATTERN:-${LOG_FILE_NAME_PATTERN}}"
append="true">
<PatternLayout pattern="${env:IDENTITY_LOG_FILE_PATTERN:-${LOG_FILE_PATTERN}}"/>
<Policies>
<TimeBasedTriggeringPolicy interval="${env:IDENTITY_LOG_FILE_ROTATION_DAYS:-1}"/>
<SizeBasedTriggeringPolicy size="${env:IDENTITY_LOG_FILE_ROTATION_SIZE:-50 MB}"/>
</Policies>
</RollingFile>
</Appenders>
<Loggers>
<Logger name="io.camunda.identity" level="${env:IDENTITY_LOG_LEVEL:-info}"/>
<Root level="warn">
<AppenderRef ref="${env:IDENTITY_LOG_APPENDER:-Console}"/>
</Root>
</Loggers>
</Configuration>
General configuration options
Identity provides support for configuring the log level:
| Environment variable | Accepted values |
|---|---|
IDENTITY_LOG_LEVEL | OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE, ALL |
Supported logging outputs
As part of configuration, Identity provides multiple appenders for outputting logs.
To configure which logging appender is used, set the IDENTITY_LOG_APPENDER environment variable to either Console, Stackdriver, or File.
Console
Console logging produces messages to standard output and is the default log appender. The Console log appender offers additional configuration options as follows:
| Environment variable | Accepted values |
|---|---|
IDENTITY_LOG_PATTERN | See the Log4j2 pattern layout docs for possible placeholders. |
Stackdriver
The Stackdriver log appender produces messages to standard output in a format that is compatible with the GCP cloud platform.
This appender uses the GCP layout provided by the Log4j2 library.
File
The File log appender produces messages to a rotating log file. The File log appender offers additional configuration options as follows:
| Environment variable | Accepted values |
|---|---|
IDENTITY_LOG_FILE_PATTERN | See the Log4j2 pattern layout docs for possible placeholders. |
IDENTITY_LOG_FILE_ROTATION_DAYS | See the Log4j2 time-based triggering policy -> interval for possible values. |
IDENTITY_LOG_FILE_ROTATION_SIZE | See the Log4j2 size-bsed triggering policy for possible values. |
Custom logging configuration
You can provide your own logging configuration by mounting a configuration file to the Identity container and setting the path to the file using the following variable:
| Environment variable | Purpose |
|---|---|
LOGGING_CONFIG | The path to your Log4j2 config XML file |
To write logs to a file in a containerized environment, the mounted directory containing the log file has to be writable under the user running Identity.