Out of support This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Using BMC Atrium Single Sign-On for logging

BMC Atrium Single Sign-On provides logging level options at the server level and at the agent level. In addition, debug logging can be enabled for RSA SecurID.

The logging level options at both the server and agent level include:

  • Off — Turns off logging.
  • Error (default) — Returns the least amount of information. The logging level is typically kept at this default.
  • Message — Generates the most verbose logs but severely impacts server performance. Message level should only be used when an issue is being worked on.

  • Warning — Returns more information than Error, but less than Message.

    Note

    BMC recommends that for normal operation, set Logging Level to either Off or Error.

To enable logging at the server level

  1. On the BMC Atrium SSO Admin Console, click Edit Server Configuration.
  2. In the Logging Level section, select your logging level from the drop down menu.
  3. Click Save.
  4. Restart the server for the logging configuration change to take effect.

The default log file location is in the following directory:
<installationDirectory>/tomcat/webapps/atriumsso/WEB-INF/config/atriumsso/debug

To enable logging at the agent level

  1. On the BMC Atrium SSO Admin Console, click Agent Details.
  2. Select the agent that you want to update.
  3. In the Logging Level section, select your logging level from the drop down menu.
  4. Click Save.
  5. Restart the agent for the logging configuration change to take effect.

The default location for the log files generated by the agent is the temporary directory of the web container where the agent is deployed. For example, for the Tomcat server, the location is the CATALINA_HOME directory and for IBM WebSphere, the location is the AppServer directory.

To modify the rsa_api.properties file

For RSA SecurID, additional debug logging is available by modifying the rsa_api.properties file.

  1. Navigate to <installationDirectory>/tomcat/webapps/atriumsso/WEB-INF/config/atriumsso/auth/ace/data
  2. Edit the rsa_api.properties file.
  3. Change the RSA_ENABLE_DEBUG property from NO to YES.
     Changing this property increases the volume of debugging information supplied by the RSA SecurID module.
  4. Access the rsa_api_debug.log file in the debug logging directory for this information.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*