SiteMinder audit log smaccess.log did not rollover
search cancel

SiteMinder audit log smaccess.log did not rollover

book

Article ID: 231585

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

An API program is running on the same 12.8 base release Linux policy server, then performs some policy store object update. 

From time to time, even with log rotation configuration in place,  it is observed when this situation occurs that there is a file named smaccess.log and a file named smaccess.<timestamp>.log, 

but the Policy Server is unexpectedly writing to the smaccess.<timestamp>.log and not the supposedly newer file.

Log rollover policy is set to daily rollover at 23:59. 

RolloverDays=                            0x1; REG_DWORD
RolloverInterval=                            0; REG_DWORD
RolloverOnStart=                       0x1; REG_DWORD
RolloverSize=                                0; REG_DWORD
RolloverTime=                        23:59; REG_SZ

The suspected root cause is that Native API program never close the file lock, hence Policy Server could not complete the log rotation.

However, there is no error anywhere to indicate so.

Environment

Release : 12.8

Component : SITEMINDER -POLICY SERVER

Cause

This is a product limitation.

Resolution

There is an issue where both of the processes check and update the same sm.registry file.
Customer can work around it by making sure that both processes won't access the registry at rollover time (23:59 in their case).
Stop the api program before the rollover time and start it again afterwards,  so Policy Server process is the one that rolls over the log file.

Additional Information

DE522798

Powered by Wolken Software