Steps to Turn on Directory time and query logging

book

Article ID: 48955

calendar_today

Updated On:

Products

DIRECTORY CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER CA Service Management - Service Desk Manager CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent CA Process Automation Base

Issue/Introduction

Description:

This document shows you step by step how to turn on Directory time and query logging, which is helpful in troubleshooting connections problems

Solution:

Steps to Turn on Directory time and query logging Windows

The CA Directory is commonly setup as a router/dxlink to connect to multiple LDAP or AD's as a remote user store. So if you want to capture the specific problem details of that connection you will need to enable logging on the CA Directory router and then restart the Directory router dsa.

Then recreate the problem to capture the details of the problem to see what CA directory is doing at the time of the issue.

One very helpful method to troubleshoot login delays is to use the time and query log level on the CA Directory router/dxlink connection to a remote LDAP/AD. Below we show how to turn this on for troubleshooting login or search delays against the remote LDAP or AD.

This CA Directory logging can be changed in the
../dxserver/config/logging/default.dxc file by changing the line
set trace = error;
Change to
set trace = time,query;

See below EXAMPLE:
# DSA trace log - Used for debugging
set trace-log = "logs/$s_trace.log";
set trace = time,query;

<Please see attached file for image>

Figure 1

Optionally you could create a log to store each specific log type by adding these lines as well.
set time-log = "logs/$s_time.log";
set query-log = "logs/$s_query.log";

<Please see attached file for image>

Figure 2

Once this is set in the file the CA Directory router service needs to be restarted or re-initialized to take effect. You can use the command below to have Directory re-read its configuration files and start the logging set.

dxserver init all

Once the servicer are restarted or reinitialized you will find that there are 2 new log files in the log folder

Router_time_date.log
Router_query_Date.log

<Please see attached file for image>

Figure 3

Note: If you are on Unix you will first need to su to the dsa user (or Directory service user defined in your install).

su - dsa

Before testing the problem please note the time and recreate the problem.

Once the problem happens capture the logs in the folder below with the current date.
C:\Program Files\CA\Directory\dxserver\logs

Then remember to turn off the time and query logging with the steps below so you do not fill up all the disk space.

This trace logging can be changed in the
../dxserver/config/logging/default.dxc file by changing the line
set trace = time,query;
Change to
set trace = error;

See below EXAMPLE:
# DSA trace log - Used for debugging
set trace-log = "logs/$s_trace.log";
set trace = error;

<Please see attached file for image>

Figure 4

Once this is set in the file the Directory service needs to be re-initialized or restarted again to take effect.
You can use the command below to have Directory re-read its configuration files and reset the logging to default error level.

dxserver init all

Note: If you are on Unix you will first need to su to the dsa user (or Directory service user defined in your install).

su - dsa

Environment

Release:
Component: ETEIAM

Attachments

1558721380821000048955_sktwi1f5rjvs16w1f.gif get_app
1558721379118000048955_sktwi1f5rjvs16w1e.gif get_app
1558721377317000048955_sktwi1f5rjvs16w1d.gif get_app
1558721375196000048955_sktwi1f5rjvs16w1c.gif get_app