Logging from policy to external file with rotation.

Have used an enhanced version of the LIBAJC WriteLog function for years to log relevant information and make troubleshooting easier.

WriteLog is rather basic and has a heap of limitations (like can't reliably write to same file from two drivers, no rotation if the file gets very big and so on).

Wondering if others have experimented here. Not after auditing per-se. This is purely a what happened "summary" type logging for troubleshooting operational issues.

However saw that  had played with calling Log4J from IDM - but do not want to go down the JAR path if I don't have to.

 /cyberres/idm/w/identity_mgr_tips/2134/integration-of-apache-log4j-into-novell-identity-manager

Have tested a little with an ECMAScript version of this code. I like the idea of this approach as these JARs ship with IDM.

However there are some downsides with this.

  1. Log4J is EOL, replaced 4 years back by Log4J2 (which doesn't ship with IDM)
  2. The DailyRollingFileAppender has known issues, which means one needs to use Apache Extras For Apache Log4j in addition.

Anyone delved into this area and willing to share their experiences (potentially also some ecma code) ?

  • You could look in the direction of log4j, or you could just do daily, weekly or monthly rotation based on dates in filenames.

     

  • For log rotation we've simply added a bit of code to check file size before writing and if it's exceeding a limit, rename existing files by deleting the #9 file, incrementing the number suffix on all others and starting a new file with the current write write operation. A limitation is that the desired file size and count has to be hard coded or passed to the function as an additional parameters. 10 files of 10MB each is what we use by default, if no parameters are given.

    If you prefer to rotate by time period, just append a date or time or week instead of a number

    We did not work on thread-safeness but I never ran into issues with java.io Streams and Writers even though we use this logging on most drivers and both channels always log to the same file. Maybe we've been just lucky, or something changed in recent Java versions compared to ~2009 when Shon ported the Java version to ECMA and commented about this.