Enabling SSL/TLS transaction logging

Article ID: 42820


Products

STARTER PACK-7, CA Rapid App Security, CA API Gateway

Issue/Introduction

Several cluster-wide properties are required for enabling full SSL/TLS transaction logs. Set the following cluster-wide properties to the indicated values.

  1. io.debugSsl to true
  2. log.stdoutLevel to FINE
  3. log.levels to STDOUT.level=FINE

Environment

Component: APIGTW

Resolution

SSL/TLS transaction logs are very verbose and can make normal message processing and auditing entries difficult to find and read. To keep these items separate, create a second log sink specifically for the SSL/TLS transaction logs. To create this sink:

  1. Log into the Layer 7 Policy Manager as an administrative user.
  2. Open the Manage Log/Audit Sinks task.
  3. Create a new Log Sink.
  4. Provide a Name and Description.
  5. Enable the Log Sink.
  6. Set the Severity Threshold to ALL.
  7. Set the following filters:
    • Category=Gateway Log
    • Package=STDOUT

Once the new log sink is created, restart the Layer 7 Gateway service. The new log sink will be created in /opt/SecureSpan/Gateway/node/default/var/logs/ with the name specified in Step #4.