Modifying log4j2.xml
For sending logs to a Syslog server, we need to modify the log4j2.xml file found in /opt/EasyAccess/Server/config (Linux) or C:/program files/EasyAccess/Server/config (Windows). The original contents are shown below:
log4j2.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2015 PhenixID AB (http://phenixid.net) - All Rights Reserved
~
~ Proprietary and confidential
~
~ Unauthorized copying and distribution of this file (via any medium) is strictly prohibited
~
~ For more information please contact: info@phenixid.se
-->
<Configuration monitorInterval="30">
<Appenders>
<Console name="CONSOLE" target="SYSTEM_OUT">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
</Console>
<RollingFile
name="FILE"
fileName="logs/server.log"
filePattern="logs/server.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
<RollingFile
name="EVENT"
fileName="logs/event.log"
filePattern="logs/event.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
</Appenders>
<Loggers>
<AsyncLogger name="com.phenixidentity" level="DEBUG"/>
<AsyncLogger name="io.netty" level="WARN"/>
<AsyncLogger name="com.hazelcast" level="WARN"/>
<AsyncLogger name="org.vertx" level="WARN"/>
<AsyncLogger name="com.orientechnologies" level="WARN"/>
<Logger name="EVENT" level="INFO" additivity="false">
<AppenderRef ref="EVENT"/>
</Logger>
<Root level="WARN">
<AppenderRef ref="FILE"/>
</Root>
</Loggers>
</Configuration>
To send events to a Syslog server, add a Syslog appender and reference it from the EVENT logger, as shown below (set host and port to your Syslog server):
log4j2.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2015 PhenixID AB (http://phenixid.net) - All Rights Reserved
~
~ Proprietary and confidential
~
~ Unauthorized copying and distribution of this file (via any medium) is strictly prohibited
~
~ For more information please contact: info@phenixid.se
-->
<Configuration monitorInterval="30">
<Appenders>
<Console name="CONSOLE" target="SYSTEM_OUT">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
</Console>
<RollingFile
name="FILE"
fileName="logs/server.log"
filePattern="logs/server.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
<RollingFile
name="EVENT"
fileName="logs/event.log"
filePattern="logs/event.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
<Syslog
name="CEF"
host="1.1.1.1"
port="514"
protocol="UDP"
facility="LOCAL7">
</Syslog>
</Appenders>
<Loggers>
<AsyncLogger name="com.phenixidentity" level="DEBUG"/>
<AsyncLogger name="io.netty" level="WARN"/>
<AsyncLogger name="com.hazelcast" level="WARN"/>
<AsyncLogger name="org.vertx" level="WARN"/>
<AsyncLogger name="com.orientechnologies" level="WARN"/>
<Logger name="EVENT" level="INFO" additivity="false">
<AppenderRef ref="EVENT"/>
<AppenderRef ref="CEF"/>
</Logger>
<Root level="WARN">
<AppenderRef ref="FILE"/>
</Root>
</Loggers>
</Configuration>
Sending logs to InCenter
For InCenter there are some more things that we need to change as well. First, modify log4j2.xml to look like this:
log4j2.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2015 PhenixID AB (http://phenixid.net) - All Rights Reserved
~
~ Proprietary and confidential
~
~ Unauthorized copying and distribution of this file (via any medium) is strictly prohibited
~
~ For more information please contact: info@phenixid.se
-->
<Configuration monitorInterval="30">
<Appenders>
<Console name="CONSOLE" target="SYSTEM_OUT">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
</Console>
<RollingFile
name="FILE"
fileName="logs/server.log"
filePattern="logs/server.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
<RollingFile
name="EVENT"
fileName="logs/event.log"
filePattern="logs/event.%date{yyyy-MM-dd}.log"
append="true">
<PatternLayout pattern="%d [%c{1}] %p: %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy interval="1"/>
</Policies>
</RollingFile>
<Syslog
name="CEF"
host="1.1.1.1"
port="514"
protocol="UDP">
<PatternLayout>
<Pattern>%m%n</Pattern>
</PatternLayout>
</Syslog>
</Appenders>
<Loggers>
<AsyncLogger name="com.phenixidentity" level="DEBUG"/>
<AsyncLogger name="io.netty" level="WARN"/>
<AsyncLogger name="com.hazelcast" level="WARN"/>
<AsyncLogger name="org.vertx" level="WARN"/>
<AsyncLogger name="com.orientechnologies" level="WARN"/>
<Logger name="EVENT" level="INFO" additivity="false">
<AppenderRef ref="EVENT"/>
<AppenderRef ref="CEF"/>
</Logger>
<Root level="WARN">
<AppenderRef ref="FILE"/>
</Root>
</Loggers>
</Configuration>
Next, we need to add the following to the /opt/EasyAccess/Server/bin/start-PhenixID.sh file (Linux) or to the C:/program files/EasyAccess/Server/bin/EasyAccess.vmotion file (Windows):
For Linux:
JAVA_OPTS="${JAVA_OPTS} -Dcom.phenixidentity.globals.datetimepattern=yyyy-MM-dd'T'HH:mm:ssXXX"
For Windows:
-Dcom.phenixidentity.globals.datetimepattern=yyyy-MM-dd'T'HH:mm:ssXXX
These changes require an EasyAccess server restart to take effect.
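A sanity check for the edited log4j2.xml that can be run before the restart. This is an added example, not part of the original article or of PhenixID's tooling; the function name check_log4j2 and the sample configuration (including the host 192.0.2.10) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: facility="LOCAL7" sits after the ">" of <Syslog>, so it is
# element text rather than an attribute, and <Root> names an undefined appender.
SAMPLE = """<Configuration monitorInterval="30">
  <Appenders>
    <RollingFile name="EVENT" fileName="logs/event.log" filePattern="logs/event.%date{yyyy-MM-dd}.log"/>
    <Syslog name="CEF" host="192.0.2.10" port="514" protocol="UDP">
      facility="LOCAL7"
    </Syslog>
  </Appenders>
  <Loggers>
    <Logger name="EVENT" level="INFO" additivity="false">
      <AppenderRef ref="EVENT"/>
      <AppenderRef ref="CEF"/>
    </Logger>
    <Root level="WARN"><AppenderRef ref="FILE"/></Root>
  </Loggers>
</Configuration>"""


def check_log4j2(xml_text):
    """Return a list of findings for a log4j2.xml document."""
    root = ET.fromstring(xml_text)
    findings = []
    appenders = root.find("Appenders")
    defined = {a.get("name") for a in appenders} if appenders is not None else set()
    # Every AppenderRef must name an appender that is actually defined.
    for ref in root.iter("AppenderRef"):
        if ref.get("ref") not in defined:
            findings.append(f"AppenderRef '{ref.get('ref')}' has no matching appender")
    for sl in root.iter("Syslog"):
        name = sl.get("name")
        # Non-whitespace text directly inside <Syslog> is usually an attribute
        # that ended up outside the opening tag.
        stray = [t.strip() for t in [sl.text] + [c.tail for c in sl] if t and t.strip()]
        for text in stray:
            findings.append(f"Syslog '{name}': stray text {text!r} (misplaced attribute?)")
        for attr in ("host", "port"):
            if not sl.get(attr):
                findings.append(f"Syslog '{name}': missing {attr}")
        if (sl.get("protocol") or "").upper() == "UDP":
            findings.append(f"Syslog '{name}': UDP transport, no delivery guarantee or encryption")
    return findings


if __name__ == "__main__":
    for finding in check_log4j2(SAMPLE):
        print(finding)
```

To check a real file, pass its contents to check_log4j2, for example the text read from the config directory named at the top of this article.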
Additional information on log4j framework:
https://document.phenixid.net/m/90910/l/1138916-edit-log-settings
https://logging.apache.org/log4j/2.x/