Debug log files
Debug logs provide information that helps you in troubleshooting BMC Atirum Single Sign-On (SSO) errors. You can modify the debugging configuration details in the debugconfig.properties file located at <installationDirectory>\tomcat\webapps\atriumsso\WEB-INF\classes\ directory.
By default, separate debug files are created for major components of BMC Atrium SSO. Based on the properties in debugconfig.properties file and the logging level that you select in BMC Atrium SSO Admin Console, different error, warning, and message debug files are created in the following directory, <installationDirectory>/tomcat/logs. For more information about the log file locations, see Log-file-locations.
The following topics are provided:
Debug logs configuration file
Following are the default values in the debugconfig.properties file. You can change these values as per your requirements.
- org.forgerock.openam.debug.prefix=debug — This prefix is used for each debug file that is generated in BMC Atrium SSO. The default prefix is debug.
- org.forgerock.openam.debug.suffix='.'u'.log' — This suffix is used for each new debug file that is generated. The default suffix used for each new file is " '.'u.'log'" (number of day of week starting from Monday). For example, the debug file name for Wednesday is debug.debug.out.3.log.
- org.forgerock.openam.debug.rotation=1440 — This value is the interval after which a new log file is generated. The default time interval for generating new log file is 1440 minutes (24 hours).
- org.forgerock.openam.debug.history.files.count=7 — This value is the count which is used to specify an amount of stored log files. The default count is 7 (one for each day of the week). The value suggests that only 7 latest log files are saved to the logging directory. If there are already 7 files in the directory, the oldest file is deleted on the next day and a new one is created.
Error or warning log files
If you have set the logging level to either Error or Warning from the Server Configuration Editor on the BMC Atrium SSO Admin Console, following debug files are generated for troubleshooting:
- debug.Authentication — contains information about problems encountered during user authentication, including authentication services, framework, modules, callbacks, JAAS, and API
- debug.Configuration — contains information about problems with the OpenAM configuration
- debug.CoreSystem — contains information about problems specific to your core deployment of OpenAM that is not part of the authentication process or part of your current configuration, including core infrastructure services, PLL, cookies, naming, logging, and upgrades
- debug.Entitlement — contains information about problems specific to entitlement
- debug.Federation — contains information about problems specific to federation, including federated SSO, the federation protocols (SAML, SAML 2.0, ID-FF, and WS-Federation), metadata, hub, and circles of trust
- debug.IdRepo — contains information about problems specific to the identity repository, including datastores and plugins
- debug.Policy — contains information about problems specific to the policies that you have setup, including policy framework, their subjects, conditions, resource attributes, plugins, and API
- debug.Session — contains information about problems specific to OpenAM sessions, including session framework, management SSOToken, failover, and API
- debug.WebServices — contains information about problems specific to Web Services, including STS and Identity Services
Message log file
If you have set the logging level to Message from the Server Configuration Editor on the BMC Atrium SSO Admin Console, following debug file is generated for troubleshooting:
- debug.debug.out — This file is a merged representation of all debug log files. It contains all the information that is logged in the system. This file is created only if the Logging Level is set to Message.