PrivX Log Settings
By default, regular and audit events are logged to syslog. Audit events use the namespace SSH-PRIVX-AUDIT
, and other (debug/info/warning/error) messages use the namespace SSH_PRIVX
.
You can adjust the locations to which PrivX writes logs, and the log level of each microservice. The log locations are configured by settings in /opt/privx/etc/shared-config.toml
.
# Should we send PrivX system events to logs under /var/log/privx
# send_regular_events_to_stdout = false
send_regular_events_to_stdout = false
# Should we send PrivX audit events to syslog
# send_regular_events_to_syslog = true
send_audit_events_to_syslog = true
# Should we send PrivX system events to syslog
# send_regular_events_to_syslog = true
send_regular_events_to_syslog = true
To enable debug output for a microservice:
-
Edit
/opt/privx/scripts/local-env
. Here you can set the logging and trace level per microservice. The example will set Authorizer-microservice log level toDEBUG
and trace to5
:AUTHORIZER_LOG_LEVEL=DEBUG AUTHORIZER_TRACE=5
After editing the
/opt/privx/scripts/local-env
the microservice(s) needs to be restarted to apply the changes. In this example only Authorizer restart is needed.# systemctl restart authorizer
Alternatively, restart all PrivX services to apply configuration changes to all microservices.
# systemctl restart privx
-
By default, the system-logging service rsyslog is configured to show INFO-level messages only, which blocks DEBUG messages. To configure rsyslog to show DEBUG-level messages, find the following line in the rsyslog configuration file,
/etc/rsyslog.conf
:*.info;mail.none;authpriv.none;cron.none /var/log/messages
And change it to, for example:
*.debug;mail.none;authpriv.none;cron.none /var/log/messages
Restart rsyslog to apply the changes:
# systemctl restart rsyslog
Updated over 3 years ago