删除旧的 http_access 日志 - WSO2 APIM 3.2.0 和 WSO2 IS 5.11.0

【问题标题】:Removing older http_access logs - WSO2 APIM 3.2.0 and WSO2 IS 5.11.0删除旧的 http_access 日志 - WSO2 APIM 3.2.0 和 WSO2 IS 5.11.0
【发布时间】:2021-11-12 06:13:06
【问题描述】:

我正在使用WSO2 APIM 3.2.0WSO2 IS 5.11.0

我有登录目录${sys:carbon.home}/repository/logs/

我可以通过在${sys:carbon.home}/repository/conf/log4j2.properties 中添加以下配置来删除超过 30 天的旧文件来管理日志增长

appender.ERROR_LOGFILE.strategy.action.type = Delete
appender.ERROR_LOGFILE.strategy.action.basepath = 
${sys:carbon.home}/repository/logs/
appender.ERROR_LOGFILE.strategy.action.maxdepth = 1
appender.ERROR_LOGFILE.strategy.action.condition.type = IfLastModified
appender.ERROR_LOGFILE.strategy.action.condition.age = 30D
appender.ERROR_LOGFILE.strategy.action.PathConditions.type = IfFileName
appender.ERROR_LOGFILE.strategy.action.PathConditions.glob = wso2-apigw-errors-*

我可以对 wso2carbon 执行相同的审计日志,但 log4j2.properties 不支持 http_access 日志。

${sys:carbon.home}/repository/conf/tomcat/catalina-server.xml 中,AccessLogValve 可以控制 http_access 日志。

我不确定如何使用此 XML 文件删除旧日志。 谁能告诉我怎么做?

【问题讨论】:

    标签: tomcat wso2 log4j2 wso2-am wso2is


    【解决方案1】:

    正如您已正确识别的那样,org.apache.catalina.valves.AccessLogValve 用于记录 http 访问日志。

    如果要删除超过 30 天的访问日志文件,可以使用此选项https://stackoverflow.com/a/57826692/10055162

    导航到<IS-HOME>/repository/resources/conf/templates/repository/conf/carbon.xml.j2 并将属性maxDays="30" 添加到AccessLogValve,如下所示。然后重启服务器。

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs"
                       prefix="http_access_" suffix=".log" pattern="{{http_access_log.pattern}}"  maxDays="30" />

    由于这些配置添加不是模板化的,你不能通过deployment.toml进行配置

    有关该物业的更多信息: https://tomcat.apache.org/tomcat-7.0-doc/config/valve.html

    【讨论】:

    • 我在AccessLogValve中添加了属性maxDays="30"并重启了服务器,重启后看不到变化,消失了。
    • 你改了 carbon.xml.j2 还是 carbon.xml ?
    【解决方案2】:

    WSO2 Identity Server 5.11.0 能够从 log4j.properties 文件本身配置 HTTP 访问日志。虽然文档中尚未提供此功能,但您必须按照以下说明进行配置。

    以下行添加到deployment.toml 文件

    [http_access_log]
useLogger = true

    这将启用控制来自log4j2.properties 文件的访问日志的功能。按照以下说明更改log4j2.properties文件中的配置。

    1. 将 HTTP_ACCESS 添加到现有的“appenders”

      appenders = CARBON_CONSOLE, CARBON_LOGFILE, AUDIT_LOGFILE, ATOMIKOS_LOGFILE, CARBON_TRACE_LOGFILE, DELETE_EVENT_LOGFILE, TRANSACTION_LOGFILE, osgi, HTTP_ACCESS

    2. 将 HTTP_ACCESS 添加到现有的“记录器”

      loggers = HTTP_ACCESS, AUDIT_LOG, trace-messages, org-apache-coyote, com-hazelcast, Owasp-CsrfGuard, org-apache-axis2-wsdl-codegen-writer-PrettyPrinter, org-apache-axis2-clustering, org-apache-catalina, org-apache-tomcat, org-wso2-carbon-apacheds, org-apache-directory-server-ldap, org-apache-directory-server-core-event, com-atomikos, org-quartz, org-apache-jackrabbit-webdav, org-apache-juddi, org-apache-commons-digester-Digester, org-apache-jasper-compiler-TldLocationsCache, org-apache-qpid, org-apache-qpid-server-Main, qpid-message, qpid-message-broker-listening, org-apache-tiles, org-apache-commons-httpclient, org-apache-solr, me-prettyprint-cassandra-hector-TimingLogger, org-apache-axis-enterprise, org-apache-directory-shared-ldap, org-apache-directory-server-ldap-handlers, org-apache-directory-shared-ldap-entry-DefaultServerAttribute, org-apache-directory-server-core-DefaultDirectoryService, org-apache-directory-shared-ldap-ldif-LdifReader, org-apache-directory-server-ldap-LdapProtocolHandler, org-apache-directory-server-core, org-apache-directory-server-ldap-LdapSession, DataNucleus, Datastore, Datastore-Schema, JPOX-Datastore, JPOX-Plugin, JPOX-MetaData, JPOX-Query, JPOX-General, JPOX-Enhancer, org-apache-hadoop-hive, hive, ExecMapper, ExecReducer, net-sf-ehcache, axis2Deployment, equinox, tomcat2, StAXDialectDetector, org-apache-directory-api, org-apache-directory-api-ldap-model-entry, TRANSACTION_LOGGER, DELETE_EVENT_LOGGER, org-springframework, org-opensaml-xml-security-credential-criteria, org-wso2-carbon-user-core, org-wso2-carbon-identity, org-wso2-carbon-identity-sso-saml

    3. 添加新添加的logger和appender的配置(可以根据需要更改值)。

      logger.HTTP_ACCESS.level = INFO
logger.HTTP_ACCESS.appenderRef.HTTP_ACCESS.ref = HTTP_ACCESS
logger.HTTP_ACCESS.additivity = false

# Appender for HTTP Access Log
appender.HTTP_ACCESS.type = RollingFile
appender.HTTP_ACCESS.name = HTTP_ACCESS
appender.HTTP_ACCESS.fileName =${sys:carbon.home}/repository/logs/http_access.log
appender.HTTP_ACCESS.filePattern =${sys:carbon.home}/repository/logs/http_access-%d{MM-dd-yyyy}.log
appender.HTTP_ACCESS.layout.type = PatternLayout
appender.HTTP_ACCESS.layout.pattern = [%X{Correlation-ID}] %mm%n
appender.HTTP_ACCESS.policies.type = Policies
appender.HTTP_ACCESS.policies.time.type = TimeBasedTriggeringPolicy
appender.HTTP_ACCESS.policies.time.interval = 1
appender.HTTP_ACCESS.policies.time.modulate = true
appender.HTTP_ACCESS.policies.size.type = SizeBasedTriggeringPolicy
appender.HTTP_ACCESS.policies.size.size=10MB
appender.HTTP_ACCESS.strategy.type = DefaultRolloverStrategy
appender.HTTP_ACCESS.strategy.max = 20
appender.HTTP_ACCESS.filter.threshold.type = ThresholdFilter
appender.HTTP_ACCESS.filter.threshold.level = INFO

    您可以参考创建的this 文档票证以将该功能添加到文档中。

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2022-12-15
      • 1970-01-01
      • 1970-01-01
      • 2021-01-30
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode