Setting the PAM Client logs trace level in debug
Article ID: 100445
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
Sometimes it is necessary to enable additional debugging for the CA PAM Client in order to understand why it is failing. This document explains how to enable debug level logging for the CA PAM Client
Users have request this as such: I need to obtain more information from the CA PAM Client behavior. Is there any way I can put the client in debug for more granular footprints in logs.log ?
Users have request this as such: I need to obtain more information from the CA PAM Client behavior. Is there any way I can put the client in debug for more granular footprints in logs.log ?
Resolution
In order to turn on additional logging for the PAM Client you must create a blank file called
log.user.properties
in the folder where the PAM client is installed.
Again, ensure this log.user.properties file you create contains no data.
Additional information will be logged in the CA PAM Client log file, called logs.log.
Note that increasing the debugging for CA PAM Client will cause it to write much more detailed information which, in turn, will make logs.log to rotate and produce several files over time. If asked for client logs.log files by Broadcom Support please submit the complete list of logs.log.N (where N is a number) files. For example logs.log, logs.log.1, logs,log.2 etc.)
To avoid creating unnecessary logs that are too verbose, please delete the log.user.properties file as soon as troubleshooting is completed, to generate CA PAM Client logs at the normal logging level.
log.user.properties
in the folder where the PAM client is installed.
Again, ensure this log.user.properties file you create contains no data.
Additional information will be logged in the CA PAM Client log file, called logs.log.
Note that increasing the debugging for CA PAM Client will cause it to write much more detailed information which, in turn, will make logs.log to rotate and produce several files over time. If asked for client logs.log files by Broadcom Support please submit the complete list of logs.log.N (where N is a number) files. For example logs.log, logs.log.1, logs,log.2 etc.)
To avoid creating unnecessary logs that are too verbose, please delete the log.user.properties file as soon as troubleshooting is completed, to generate CA PAM Client logs at the normal logging level.
For additional information please also refer to : "Applet log level" versus log."user.properties" file to obtain pam client logs
Additional Information
None.
Feedback
Yes
No
Powered by
