ICF 1.5.20.19

Connector logs

By default, logging is not enabled for RCS.

It can be difficult to determine if the root cause of a problem is at the ICF or connector level, or at the application level.

The ICF API sets the LoggingProxy at a very high level. You can consider the Logging Proxy as the border between the application (IDM) and the ICF framework.

Logging levels

Finer logging levels generate more noise but can be helpful when troubleshooting:

  • SEVERE (highest value, least noise)

  • WARNING

  • INFO

  • CONFIG

  • FINE

  • FINER

  • FINEST (lowest value, most noise)

Enable IDM connector logging

If you are using ICF connectors bundled with IDM, you can adjust the log levels for specific parts of the system in the path/to/openidm/conf/logging.properties file. To start logging, enable the Logging Proxy and set the level for all or some operations:

Enable the LoggingProxy
org.identityconnectors.framework.impl.api.LoggingProxy.level=FINE
Log all operations
org.identityconnectors.framework.api.operations.level=FINE
Log specific operations
org.identityconnectors.framework.api.operations.CreateApiOp.level=FINE
org.identityconnectors.framework.api.operations.UpdateApiOp.level=FINE
org.identityconnectors.framework.api.operations.DeleteApiOp.level=FINE

You can log any of the following operations:

  • AuthenticationApiOp

  • CreateApiOp

  • DeleteApiOp

  • GetApiOp

  • ResolveUsernameApiOp

  • SchemaApiOp

  • ScriptOnConnectorApiOp

  • ScriptOnResourceApiOp

  • SearchApiOp

  • SyncApiOp

  • TestApiOp

  • UpdateApiOp

  • ValidateApiOp

Enable Java RCS logging

For additional Java RCS logging information, refer to this Knowledge Base article.

To enable debug logging in the remote Java Connector Server, edit the xml configuration file /lib/framework/logback.xml to uncomment the following line:

<logger name="org.identityconnectors.framework.impl.api.LoggingProxy" level="DEBUG" additivity="false">
    <appender-ref ref="TRACE-FILE"/>
</logger>
<logger name="org.identityconnectors.framework.api.operations" level="DEBUG" additivity="false">
    <appender-ref ref="TRACE-FILE"/>
</logger>

Rolling log policy

To change the total size for all log files or maximum time length before a log rolls over to a new file, edit /lib/framework/logback.xml and update the applicable maxHistory and totalSizeCap properties. The default rolling log policy has the following configuration:

<maxHistory>30</maxHistory>
<totalSizeCap>1GB</totalSizeCap>

For more information, refer to maxHistory and totalSizeCap in the Logback documentation.

Enable .NET RCS logging

To enable logging in the .NET RCS, edit the ConnectorServer.exe.config configuration file, and set the logging.proxy key to true:

<add key="logging.proxy" value="true"/>
Copyright © 2010-2023 ForgeRock, all rights reserved.