Logs in PAM360
PAM360 records different types of logs for various product-specific events. The log files contain error messages and other information that aids in analyzing and troubleshooting product-related issues. The event logs are stored locally in a text file under the directory path - <PAM360_Installation_Directory>\logs.
1. Steps to Configure Log Level Settings
Follow the below steps to configure and modify the log levels, as required:
- Navigate to Admin >> Settings and click Log Level.
- In the pop-up, choose INFO or DEBUG from the drop-down and click Save.
- INFO - The default log level which records only the essential data such as date, time, name of the service, event, and status of the event.
- DEBUG - The log level that records details about each event happening during any operation in the product. Say, for example, you are trying to troubleshoot a major discrepancy, such as import or password reset failure, change the log level to 'Debug' and replicate the issue to get a clear picture of the roor cause of the issue - this information will be helpful in troubleshooting and resolving the errors.
2. Types of Logs in PAM360
PAM360 offers a wide range of logs dedicated to cataloging detailed information about different types of operations in the product.
Sl. No: | Types of Logs | Log Name |
Description |
---|---|---|---|
1. | PAM360 application-related logs |
serverout0.txt |
This is the primary log file for the PAM360 web application. This log file contains the log prints related to the application XML files loading during startup, establishing a connection with the database, loading of encryption/decryption modules, execution of all scheduled operations by the application and their status, authentication responses, and other product operation prints. |
pam0.txt |
This is another log file that will contain the actual application logs. But this file will primarily contain logs related to CLI connections such as SSH connections to Linux/Unix-based devices or Network devices, scheduled database backup prints, and remote connection prints for AD Sync and other remote operations. For any password reset issues of SSH-based devices, this log can be verified to identify the root cause. This file will also contain prints related to High availability replication. Refer to this file for any HA-related issues. |
||
updatemanager.log |
This log file is recorded when the upgrade process is triggered using the commands <PAM360_Installation_Folder>/bin/UpdateManager.bat or UpdateManager.sh. During each upgrade operation, a new updatemanager log file is created - these log files are crucial for troubleshooting upgrade failures. Therefore, please save a copy of these log files before reverting to the backup of the PAM360 directory. |
||
sysenvout.txt |
This file contains the logs related to the server where the application is deployed and its corresponding environmental variables. This includes information about OS-specific settings such as date and time zone settings, OS level shortcuts for commands, and system variables. |
||
2. | Startup-related logs | wrapper.log |
This service startup log contains entries about the number of service startups, along with the list of all modules that are populated during the startup. Refer to this log to identify the root cause of any startup-related issues. |
pamdetails.txt |
This log file contains the product version details, build number, product architecture, database details, and product edition info. Note that this log file will only get populated upon successful service startup. |
||
catalina.log
|
This log file contains the logs related to the Tomcat web server startup. Refer to this log for issues related to the SSL certificate of the web server or the product UI not loading even after a successful service startup. |
||
pamstartup_log.txt
|
This log file contains the status of the PAM360 service and information about the instance type i.e. if it is the primary or the secondary instance in case HA is enabled. |
||
3. | Database-related logs | pglog.log
|
This file contains logs related to the Postgres database that comes bundled with the product. Please note that this file does not print any entries unless there are issues with the database. |
sqlconsole.log
|
This log file contains prints related to SQL database errors that may occur while using MS SQL database as the backend. |
||
changeDB.log
|
The product comes bundled with a default Postgres database. However, users can set up their MS-SQL instance as the backend using the command PAM360/bin/ChangeDB.bat command. During the ChangeDB operation, this log file is created. Refer to this log for any issues related to connecting to a new SQL database backend. |
||
startDB.log
|
Using the command <PAM360_Installation_Folder>/bin/startDB.bat, you can start the database independently without starting up the product itself. Any start-up failures that may occur during a database start-up will be recorded in this log file, along with the error messages, which will further aid you in troubleshooting. |
||
PAM360\pgsql\data\pg_log
|
Error logs related to database start-up and operations, printed by the default PostgreSQL database, will be available in this log file. If you encounter any start-up issues or errors such as "Trying to start Postgres failed," this log file will contain the root cause for the failure. |
||
4. | Access and Authentication-related logs | access_log.txt | This log file contains prints related to accessing PAM360 from different machines using different web browsers, and from mobile applications. Refer to this log for any issues related to the product UI not loading or page not found errors. |
smartcard0.txt | This log file contains logs related to SmartCard/PKI-based authentication, if enabled. |
||
5. | SSH CLI API Operations log | sshd.txt | PAM360 comes bundled with an SSH daemon, which is primarily used for SSH CLI API operations. The logs related to the SSH server and its prints will be available in this log file. |
6. | Active Directory-related logs | AD_IMPORT_USERS_RESOURCES.txt | This file contains the log prints for operations performed with the Active Directory integration such as importing users, resources and groups from AD. |
7. | Security issue-related log | security-log.txt | This log file captures all security errors that are identified in PAM360. The solution has in-built security implementations to block XSS, CSRF, and DoS scripting attacks. Therefore, any script injection or other security penetration attempts will be captured in this log file. |
3. Log Retention and Storage
By default, the log files are stored in the path '<PAM360_Installation_Directory>\logs'.
In general, the log files are used only to identify the root cause of errors and troubleshoot issues. The Audits feature in the product captures extensive log trails about the user and system-related operations and securely stores them in the PAM360 database, accessible from the PAM360 web interface. Therefore, the log files are safe to be deleted periodically. When you encounter an issue, it is recommended that you delete or rename the existing logs and reproduce the issue so that a fresh set of logs can be created—this will facilitate easy analysis and quicker troubleshooting.
If you wish to move some of the main logs to a remote location for security reasons, you can do so by following the below steps:
- Navigate to the directory path <PAM360_Installation_Directory>\conf and open the file named wrapper.conf.
- Find the below mentioned line and change the directory path mentioned here.
For example, wrapper.java.additional.24=-Duser.home=E:\PAM360Logs
wrapper.java.additional.24=-Duser.home=<Remote Directory>
The following files can be stored in remote locations:
- AD_IMPORT_USERS_RESOURCES0.txt
- catalina0.txt
- pam0.txt
- pamdetails0.txt
- pglog_0.log
- pkilog0.txt
- smartcard0.txt
- sqlconsole0.log
- security-log-0.txt
- sysenvout0.txt
- serverout0.txt
All the primary log files are designed to be automatically rolled over as separate files with a number added at the end of the filename; therefore, you will find log files with filenames such as pam0, pam1, and pam2 in the directory.
However, some logs such as AD_IMPORT_USERS_RESOURCES.txt and access_log.txt will not be rolled over and will continue logging in the same file. Since these logs take a long time to increase in size, it is safe to delete them if required.
Note: Please ensure that you stop the PAM360 service before deleting any log files.