Skip to content

Configuring Server Logging

Endi S. Dewata edited this page Oct 21, 2021 · 14 revisions

Overview

PKI server provides logging service using java.util.logging (JUL) framework.

The configuration is located at /var/lib/pki/pki-tomcat/conf/logging.properties which by default is a link to /usr/share/pki/server/conf/logging.properties.

By default the server will only log WARNING or SEVERE messages (see Level):

.level = WARNING

org.mozilla.jss.level = WARNING
org.dogtagpki.level = WARNING
com.netscape.level = WARNING
netscape.level = WARNING

If the server is running on the background as a systemd service, the messages will be logged into the systemd journal. To view the systemd journal:

$ journalctl -fu pki-tomcatd@pki-tomcat.service

If the server is being run on the foreground using the pki-server run command, the messages will appear on the console.

Note: The server may also generate the following files in /var/lib/pki/pki-tomcat/logs but they are not actually used:

  • catalina.YYYY-MM-DD.log

  • host-manager.YYYY-MM-DD.log

  • localhost.YYYY-MM-DD.log

  • manager.YYYY-MM-DD.log

Configuring Server Logging

To change the server logging configuration, replace the logging.properties link with a copy of the default configuration:

$ rm -f /var/lib/pki/pki-tomcat/conf/logging.properties
$ cp /usr/share/pki/server/conf/logging.properties /var/lib/pki/pki-tomcat/conf
$ chown pkiuser.pkiuser /var/lib/pki/pki-tomcat/conf/logging.properties

Edit the logging.properties copy as needed. For example, to log INFO messages:

org.mozilla.jss.level = INFO
org.dogtagpki.level = INFO
com.netscape.level = INFO
netscape.level = INFO

Finally, restart the server.

See Also

Clone this wiki locally