Worker Log
Worker Loggers log each transaction handled by a worker and can be configured per worker.
By default, the worker logger AllFieldsWorkerLogger is used, which logs all the available fields one after another, separated by semi colons.
To configure the Worker Logger, set the WORKERLOGGER property to the full class name of the IWorkerLogger implementation in the respective worker configuration.
AllFieldsWorkerLogger
The default worker logger for most workers. Can be used during testing to find which fields a worker logs, and may then be changed to the PatternWorkerLogger to only log fields that are of interest.
The LOGLEVEL_DEFAULT sets the level of the log output. The log levels are specified as the standard Log4J levels (FATAL, ERROR, WARNING, INFO, DEBUG, and TRACE) and default to the log level INFO if not set.
WORKERLOGGER=org.signserver.server.log.AllFieldsWorkerLogger
LOGLEVEL_DEFAULT=INFO
SecurityEventsWorkerLogger
The SecurityEventsWorkerLogger worker logger uses the CESeCore security events logger and includes all fields in the additionalDetails fields in the audit log, except for the worker ID, which is mapped to searchDetail2.
The properties LOGINCLUDEFIELDS and LOGEXCLUDEFIELDS can be used to restrict the fields included in additionalDetails by explicitly setting a comma-separated list of field names.
Note that only one of these options can be set at a time.
WORKERLOGGER=org.signserver.server.log.SecurityEventsWorkerLogger
PatternWorkerLogger
The LOGLEVEL_DEFAULT property has the same behavior as the AllFieldsWorkerLogger.
WORKERLOGGER=org.signserver.server.log.PatternWorkerLogger
LOGTIMEZONE=GMT
LOGDATEFORMAT=yyyy-MM-dd:HH:mm:ss:z
LOGPATTERN=\$\{(.+?)\}
LOGORDER=AUDIT; LOG_ID: ${LOG_ID}; CLIENT_IP: ${CLIENT_IP}; REQUEST_FULLURL: ${REQUEST_FULLURL}; RequestTime: ${LOG_TIME}; ResponseTime: ${REPLY_TIME}; EXCEPTION: ${EXCEPTION};
LOGLEVEL_DEFAULT=INFO
DefaultTimeStampLogger
Pattern logger with a default log order suitable for logging time-stamp requests. This logger is the default logger used by the TimeStampSigner.
WORKERLOGGER=org.signserver.module.tsa.DefaultTimeStampLogger
NullWorkerLogger
Worker logger that does not log anything.
WORKERLOGGER=org.signserver.server.log.NullWorkerLogger
CustomTimeStampLogger1
WORKERLOGGER=org.signserver.module.tsa.CustomTimeStampLogger1
FileWorkerLogger
Worker logger that writes the log values to a worker-specific log file. This logger logs all fields, similar to the AllFieldsWorkerLogger, and is mainly intended for use by unit tests, and is not thread safe.
WORKERLOGGER=org.signserver.server.log.FileWorkerLogger
LOG_FILE_PATH=/path/to/logfile
Available Log Fields
The following lists some of the available log fields and is not a complete listing of all log events.
Generic |
|
PROCESS_SUCCESS |
Contains the value "true" if the request succeeded. |
WORKER_ID |
ID of the worker that processed the request. |
REQUEST_ID |
ID of the request (usually a random number). |
LOG_ID |
A longer ID for the request (random number with dashes). |
EXCEPTION |
Included only in case of a failure processing the request and in that case could contain an error message. |
Signers |
|
CRYPTOTOKEN |
Name of the associated crypto worker which held the crypto token used when processing the request. |
Other |
|
XCUSTOM1 |
Included if the HTTP request header X-SignServer-Custom-1 is specified. |