4.1 Access Gateway Appliance Logs

This section contains the following information about the Access Gateway Appliance logs:

4.1.1 Configuring Log Levels

You can use the following procedure to set the level of information logged to the ics_dyn.log file in the /var/log directory.

  1. On the Linux Access Gateway Appliance, log in as root.

  2. At the command prompt, enter the following command:

    nash

  3. At the nash shell prompt, enter the following command:

    configure .current

  4. To change the log level, enter the following command:

    log-conf log-level <log level>

    Replace <log level> with the new log level that you want to set.

    Level

    Description

    LOG_EMERG

    Sends only messages that render the system unusable, if they are not resolved.

    LOG_ALERT

    Sends only messages that require immediate action.

    LOG_CRIT

    Sends only messages about critical situations.

    LOG_ERR

    Sends warning messages about recoverable errors.

    LOG_WARNING

    Sends warning messages.

    LOG_NOTICE

    Sends information about the status of a service to the service configuration logs.

    LOG_INFO

    Sends informational messages such as requests sent to Web servers and the results of authentication requests.

    LOG_DEBUG

    Sends debug messages.

    When you run the /etc/init.d/novell-vmc start command, the default log level is set to LOG_NOTICE. You can change the log level to any level from LOG_EMERG to LOG_INFO.

  5. To apply changes, enter the following command:

    apply

  6. To exit from the configuration mode, enter the following command:

    exit

  7. To exit from the nash shell, enter the following command:

    exit

4.1.2 Interpreting Log Messages

The entries in the ics_dyn.log file have the following format:

<time-date-stamp> <hostname> : <AM#event-code> : <AMDEVICE#device-id> : <AMAUTHID#auth-id> : <AMEVENTID#event-id> :<supplementary log entry data and text>

A sample log message is given below:

Aug  3 14:35:41 c1h : AM#504503000: AMDEVICEID#ag-0BDF41AAC4CDCBE5 : AMAUTHID#0: AMEVENTID#74: Process request 1 'www.lag-202.com' '/AGLogout' [192.10.100.111:38091 -> 192.10.106.2:80]

The fifth and sixth digits in the <AMEVENTID#event-id> refer to the Access Gateway components. The following table list the numbers and the components which they denote.

Number

Component

01

Multi-Homing component

02

Service Manager

03

Request Processing

04

Authentication

05

Authorization

06

Identity Injection

07

Form Fill

08

Caching

09

Response Processing

11

Rewriting

12

Soap Channel

14

IVM

15

Connection Manager.

16

VXE

17

DataStream

4.1.3 Configuring Logging of SOAP Messages and HTTP Headers

  1. On the Linux Access Gateway Appliance, log in as root.

  2. At the command prompt, enter the following command:

    nash

  3. To enter the configuration mode, enter the following command:

    configure .current

  4. Enter one of the following commands to configure logging:

    Command

    Purpose

    		 
    log-conf debug-soap-messages enable

    Logs all the SOAP messages between the Access Gateway and the Embedded Service Provider to the /var/log/lagsoapmessages file.

    		 
    log-conf no debug-soap-messages enable

    Disables the logging of SOAP messages between the Access Gateway and the Embedded Service Provider.

    		 
    log-conf debug-http-headers enable

    Logs all the HTTP headers between the browsers and the Access Gateway and between the Access Gateway and the Web servers to the /var/log/laghttpheaders file.

    		 
    log-conf no debug-http-headers enable

    Disables the logging of HTTP headers to the /var/log/laghttpheaders file.

  5. To apply changes, enter the following command:

    apply

  6. To exit from the configuration mode, enter the following command:

    exit

  7. To exit from the nash shell, enter the following command:

    exit