"Main" log format

This section describes the log line format of logs written by the "MAIN" appender for each IAM module (web server, access, structured, parsable, etc. logs use different formats).

Note that the "parsable" log files variants (e.g. loginapp-parsable.log) are used by the Airlock IAM log viewer.
They must not be used by other systems as the format (and the location of the data) may change without notice.

Example log lines

Log lines not caused by a HTTP request: there is no SID (session ID) and no RID (request ID):

2018-01-29 09:08:15,644 INFO  [IAM - auth - adminapp - SID: 000000000000000000 - RID: 000000000000000000] | 001 Configuration:  ***** ADMINAPP MODULE: ACTIVATING *****
2018-01-29 09:08:15,644 INFO  [IAM - auth - adminapp - SID: 000000000000000000 - RID: 000000000000000000] | 001 Configuration: Version: 7.7

 Multi-line log lines showing an exception (showing only first few lines):

2018-01-29 10:02:22,247 ERROR [IAM - auth - loginapp - SID: 906927719100591752 - RID: 270869843594473181] | 001 ProvisionExceptionMapper: Error in custom provider, com.airlock.iam.common.api.domain.model.store.exception.StoreFailureException: The store com.airlock.iam.core.infrastructure.store.user.db.DatabaseUserStore@5244e506 encountered an exception
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 001 LogUtils: 
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 002 ---------------|  BEGIN OF EXCEPTION  |---------------
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 003   Exception-Type : com.airlock.iam.common.api.domain.model.store.exception.StoreFailureException
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 004   Message        : The store com.airlock.iam.core.infrastructure.store.user.db.DatabaseUserStore@452d2fa6 encountered an exception
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 005    Cause Message : Error while searching user with name "jdoe" (getting connection from data source): HikariPool-6 - Connection is not available, request timed out after 5001ms.
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 006    Cause Message : HikariPool-6 - Connection is not available, request timed out after 5001ms.
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 007 Connection is broken: "java.net.ConnectException: Connection refused: localhost:9001" [90067-176]
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 008    Cause Message : Connection refused
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 009   Stack-Trace    : 
2018-01-29 10:02:22,247 WARN  [IAM - auth - loginapp - SID: 906927719100591752 - RID: 206556668324927646] | 010 com.airlock.iam.core.infrastructure.store.user.persister.PersisterBasedUserStore.getByIdentity(PersisterBasedUserStore.java:67)
...

Log pattern:

Default log pattern

%d{DEFAULT} %-5p [IAM - ${sys:iam.instance.name} - ${web:initParam.CONTEXT_ID} - SID: %18e{mdc:GSID:0} - RID: %18e{mdc:REQUEST_ID:0}] | %e{header:3}%c{1}: %m%n

In custom log patterns, any "conversion pattern" supported by Log4j2 can be used. For example, any application parameter, like "iam.environment.id" can be included with "${sys:iam.environment.id}".

The pattern in the instance.properties file requires all colons (:) to be escaped with a leading backslash (\). For example: ${sys\:iam.environment.id}

The following table describes the default pattern:

Pattern

Example

Description

Length

%d{DEFAULT}
"2018-01-20 10:02:08,026"

Log timestamp in ISO-8601 format (YYYY-MM-DD hh:mm:ss,sss).

24

%-5p
"INFO "
"WARN "
"ERROR"

Log level (INFO, WARN, ERROR).

Padded with spaces to be 5 characters long.

5

%3e{system}
"IAM"

Log system.

May be referenced in custom legacy log patterns.

Value is always "IAM".

3

${sys:iam.instance.name}

"auth"

Instance name

any

${web:initParam.CONTEXT_ID}
"loginapp"
"adminapp"
"servicecontainerapp"
"transaction-approval" 
"api-policy-service"

Airlock IAM application module

any

SID: %18e{mdc:GSID:0}
"000000000000000000"
"977877275127002316"
"b0b480495715d0392043715bc8652c0" 

Session ID

>= 18

RID: %18e{mdc:REQUEST_ID:0}
"000000000000000000"
"515009677337963849
"WLQXQcCoOGUAACBiE74AAACD"

Request ID 

>= 18 

%e{header:3}
"001"
"002"
"1072" 

Line sequence number: numbers lines in multline messages such as exception stack traces.

 >=3

%c{1}
"ContextListener"
"LogUtils"

Name of the class (no package information) containing the log statement.
Note that in multi-line log messages, only the first line contains the class name.

 any

%m
"Version: 7.1"
"Token lists expire after 365 days"

Actual log message

any

%n

Line separator (platform dependent)

1-2