{"id":482,"date":"2019-05-22T12:47:30","date_gmt":"2019-05-22T08:17:30","guid":{"rendered":"http:\/\/www.enhisecure.com\/isecureblog\/?p=482"},"modified":"2019-05-22T12:47:30","modified_gmt":"2019-05-22T08:17:30","slug":"configure-logging-through-iiq-console","status":"publish","type":"post","link":"https:\/\/www.enhisecure.com\/isecureblog\/2019\/05\/22\/configure-logging-through-iiq-console\/","title":{"rendered":"Sailpoint Identity IQ: Refresh logging through IIQ console"},"content":{"rendered":"\n<p><a href=\"https:\/\/www.sailpoint.com\/\">Sailpoint <\/a><a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IdentityIQ <\/a>uses <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j <\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/Java_logging_framework\">framework <\/a>for <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">logging<\/a>. &#8220;<a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j.properties<\/a>&#8221; is the file where all the <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">logging <\/a>related properties are configured. <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IdentityIQ <\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">Servers <\/a>would a need a refresh of the <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j <\/a>configurations after anything changes to <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4.properties <\/a>are made.<\/p>\n\n\n\n<p>Usually this kind of refresh is performed through <a href=\"https:\/\/en.wikipedia.org\/wiki\/User_interface\">UI <\/a>from the debug pages in <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IdentityIQ<\/a>. Following are the steps to follow for refreshing <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j <\/a>configurations through <a href=\"https:\/\/en.wikipedia.org\/wiki\/User_interface\">UI<\/a>. <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Launch the debug pages in <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IdentityIQ<\/a><\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-3-1024x279.png\" alt=\"This image has an empty alt attribute; its file name is image-3-1024x279.png\"\/><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li>Click on the &#8220;<a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">Logging<\/a>&#8221; option in the menu.<br \/><\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"237\" height=\"479\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-4.png\" alt=\"\" class=\"wp-image-809\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-4.png 237w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-4-148x300.png 148w\" sizes=\"auto, (max-width: 237px) 100vw, 237px\" \/><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li>Click on &#8220;Reload <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">Logging <\/a>Configuration&#8221;<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"160\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-5.png\" alt=\"\" class=\"wp-image-810\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-5.png 600w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-5-300x80.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/figure>\n\n\n\n<p><strong>Problem context:<\/strong><\/p>\n\n\n\n<p> <br \/><a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j<\/a> configurations whenever there are any changes have to refreshed across all the servers present in the environment. However, when a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Load_balancing_(computing)\">load balancer <\/a>is configured, we might not have control to access individual <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers <\/a>through UI, thus making the refresh of <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j <\/a>configurations through UI on each <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">server<\/a>.<\/p>\n\n\n\n<p><strong>Possible solutions:<\/strong><\/p>\n\n\n\n<p>There are 3 possible solutions for this problem.<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Temporarily re-directing <a href=\"https:\/\/en.wikipedia.org\/wiki\/Load_balancing_(computing)\">load-balancer<\/a> traffic to only one <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">server <\/a>and refresh the configurations on the same through debug pages. This process has to be repeated across all the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers<\/a>.<\/li><li>Accessing <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IdentityIQ<\/a> through individual <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">server <\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/Hostname\">host-names<\/a> or <a href=\"https:\/\/en.wikipedia.org\/wiki\/IP_address\">IP addresses<\/a> rather than <a href=\"https:\/\/en.wikipedia.org\/wiki\/Load_balancing_(computing)\">load balancer <\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/URL\">URL<\/a>. This may not be quite helpful as <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers <\/a>are usually configured in a way that individual <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers <\/a>redirect us towards <a href=\"https:\/\/en.wikipedia.org\/wiki\/Load_balancing_(computing)\">load balancer <\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/URL\">URL<\/a>.<\/li><li>Best way in which this could be performed is through <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IIQ <\/a>console.<br \/>Following are the steps to follow for the same.<ul><li>Launch <a href=\"https:\/\/www.sailpoint.com\/products\/IdentityIQ\/\">IIQ <\/a>console on one of the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers<\/a><\/li><li>Modify the <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j<\/a>.properties as required.<\/li><li>Refresh the <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/\">log4j <\/a>configurations using the command &#8220;logconfig&#8221; as shown in the below screenshot.<\/li><\/ul><\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"747\" height=\"118\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-8.png\" alt=\"\" class=\"wp-image-813\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-8.png 747w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2019\/05\/image-8-300x47.png 300w\" sizes=\"auto, (max-width: 747px) 100vw, 747px\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Repeat the above steps for all <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_(computing)\">servers <\/a>in the environments.<\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sailpoint IdentityIQ uses log4j framework for logging. &#8220;log4j.properties&#8221; is the file where all the logging related properties are configured. IdentityIQ Servers would a need a refresh of the log4j configurations after anything changes to log4.properties are made. Usually this kind of refresh is performed through UI from the debug pages in IdentityIQ. Following are the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,14,16],"tags":[79,10,29,11],"class_list":["post-482","post","type-post","status-publish","format-standard","hentry","category-identity-governance","category-sailpoint","category-technology","tag-best-practices","tag-identity-iq","tag-iiq","tag-sailpoint"],"_links":{"self":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/comments?post=482"}],"version-history":[{"count":9,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/482\/revisions"}],"predecessor-version":[{"id":818,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/482\/revisions\/818"}],"wp:attachment":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/media?parent=482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/categories?post=482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/tags?post=482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}