Novell Home

My Favorites

Close

Please to see your favorites.

AGS proxy HTTP logs written to wrong location after applying NAM 3.1 SP5

This document (7011927) is provided subject to the disclaimer at the end of this document.

Environment

NetIQ Access Manager 3.1
NetIQ Access Manager 3.1 Support Pack 5 applied
NetIQ Access Manager 3.1 Access Gateway Service running on Linux

Situation

After upgrading the Access Gateway Service (AGS) from 3.1.4 to 3.1.5, the proxy HTTP logs are created in /var/log/novell-apache2/ instead of /var/log/novell/reverse/[proxyname]. Looking at the configuration files for the problem proxy services (/etc/opt/novell/apache2/conf/vhosts.d/), we could clearly see that the configuration was defined incorrectly with the wrong paths. For example, the following CustomLog entry shows the /var/log/novell-apache2/ path:

  LogFormat "%t - %h - %<u %A %v %m %U %U %q \"%r\" %>s %O %I %D \"%{user-agent}i\" \"%{IPCZQX0}C\" \"%{referer}i\" - %a \"%{BALANCER_WORKER_IP}e\" \"%{x-forward-for}i\" %s %I \"%{Content-Range}o\" \"%{ETag}o\" %X \"%{Cache-Control}o\" \"%{Range}o\" \"%{If-Range}o\" %B \"%{Pragma}i\" \"%{Pragma}o\"" srv2-srv2
  CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell-apache2/srv2-srv2.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" srv2-srv2 env=srv2

The correct path should have been like the following entry with /var/log/novell/reverse/web01/web01-web01c ...

LogFormat "%t - %h - %<u %A %U %s %I \"%{Content-Range}o\" \"%{ETag}o\" %X \"%{Cache-Control}o\" \"%{Range}o\" \"%{If-Range}o\" %B \"%{Pragma}i\" \"%{Pragma}o\"" web01-web01c
  CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell/reverse/web01/web01-web01c.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" web01-web01c env=web01c


Resolution

Manually verify that the valid path where the HTTP log entries should exist is actually there. It appears that if the Proxy cannot write the logs to /var/logs/novell/reverse it will instead write them to /var/logs/novell-apache2.
 
When we applied 3.1.5, it failed to write the logs if /var/logs/novell/reverse/[proxy] did not exist, so we had to create that folder manually.Make sure that the permissions for the directories are set to the following too:
 
    chmod 770 /var/log/novell
    chown novlwww:novlwww /var/log/novell
    chmod 755 /var/log/novell/reverse
    chown novlwww:novlwww /var/log/novell/reverse
    chmod 755 /var/log/novell/reverse/*
    chown novlwww:novlwww /var/log/novell/reverse/*
    /etc/init.d/novell-tomcat5 restart

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7011927
  • Creation Date:13-MAR-13
  • Modified Date:13-MAR-13
    • NetIQAccess Manager (NAM)

Did this document solve your problem? Provide Feedback