General tracing properties
BC.Tracer.LogFile
Type: String
Default: /var/opt/nevisproxy/<instance>/logs/navajo.log
The location of the main log file. You can configure a filename or call an external program with the syntax pipe://<external program>. Notes about configuring a custom location:
- The directory containing the logs must exist when starting the instance.
- The nevisProxy user must be able to read and write in this directory. See its username and group in the <Server> element of the navajo.xml file.
When using a pipe, the below LogFile parameters will be ignored. If pipe is not used, the Pipe parameters are ignored.
BC.Tracer.ThresholdBase
Type: integer
Range: 0 - 10
Default: 5
The threshold base for all trace groups. It is strongly recommended that you set the threshold base to severity level "5" - NOTICE at the least. By doing so, recommended settings, deprecated notices and other useful information appear in the logs.
BC.Tracer.MaxLogFileVersions
Type: integer
Default: 10
The number of rotated log files that will be written.
BC.Tracer.MaxLogFileSize
Type: integer
Default: 10000000
The maximum size of a log file.
BC.Tracer.LogFileAccess
Type: Octal file mask or comma-separated list of owner, group, and other.
Default: 0640
File mask that determines the log file permissions. Read and write flags for user are always set, regardless of the actual file mask used. If the comma-separated list is used, the corresponding write-bit will be added.
BC.Tracer.LogFileAppend
Type: Boolean
Default: true
If true, then the log will be added to the existing file (if any), otherwise a new file will be created (and the old one removed).
BC.Tracer.LogFileReopenInterval
Type: Integer
Unit: seconds
Default: 60
If during this time nothing is logged, the logfile will be closed and reopened again on the next log-entry.
BC.Tracer.LogFileCompression
Type: String
Default: not set
You may specify a program or script which shall be used to compress rotated files, e.g. /usr/bin/gzip.
BC.Tracer.Pipe.RetryInterval
Type: Integer
Unit: milliseconds
Default: 0
The timeout in milliseconds for piped log files, if the external program needs to be restarted. During that time no requests will be processed. By default, there is no interval: restart attempts continue without pausing in between.
BC.Tracer.Pipe.MaxRetries
Type: Integer
Default: 0
The maximum number of retries to start the external program, if it needs to be restarted. During restart no requests will be processed.
If the external program still cannot be started after BC.Tracer.Pipe.MaxRetries attempts, you may lose some log information.
BC.Tracer.TimeFormat
Type: Enum
Possible values: ctime, detailed or time0
Default: detailed
The time format traced in the log file.
BC.Tracer.ProgName
Type: String
Default: not defined
The program name that appears on each line of the log file, just after the date. If not defined, the nevisProxy version will be logged. For example:
2019 02 01 11:53:37.600 3.14.0.0 IW4Esau4Co 30371.140514241705728 5-NOTICE: Esauth4ConnectorServlet_1_0::pollTerminatedSessions: (NevisAuthConnector)
BC.Tracer.LogDir
Type: String
The directory in which to save the log files. This property will be ignored if BC.Tracer.LogFile is either a pipe or an absolute filename.
BC.Tracer.VersioningTimes
Type: String
Format: <minutes> <hours> <days> <months> <weekdays>
Interval on which a logfile will be rotated. The time and date fields and allowed values are the following:
- minute 0-59
- hour 0-23
- day of month 1-31
- month 1-12
- day of week 0-6
A field may be an asterisk, which always stands for "first-last". This property will be ignored if the BC.Tracer.LogFile is a pipe or if a BC.Tracer.MaxLogFileSize is set.
BC.Tracer.LogArchiveFormat
Type: String
The format of the archived logfile (after rotation). Legal specifiers are:
- %Y (4-digit year)
- %y (last two digits of year [00..99])
- %m (month [01..12])
- %d (day of month [01..31])
- %H (hour [00..23])
- %M (minute [00..59])
- %f (filename without extension)
BC.Tracer.LogArchiveDir
Type: String
Defines the directory where to save the archived files. If none is set, then the directory where the log file is located will be used.
BC.Tracer.DebugProfile.Secrets.Cipher
Type: String
Default: AES
Defines the cipher to encrypt the sensitive data within the log. The following ciphers are supported:
- AES: Corresponds to the OpenSSL cipher "aes-128-cbc".
- DES: Corresponds to the OpenSSL cipher "des-cbc".
- Blowfish: Corresponds to the OpenSSL cipher "bf-cbc".
- DESede: Corresponds to the OpenSSL cipher "des-ede3".
- RC4: Corresponds to the OpenSSL cipher "rc4".
BC.Tracer.DebugProfile.<tracegroup>.Secrets.Key
Type: String
Defines the key to encrypt the sensitive data for the given <tracegroup>. If no key is set, the string *** will be traced. If the trace level is lower than DEBUG_LOW, a *** will be traced. In all other cases the sensitive data will be encrypted with the given cipher (see BC.Tracer.DebugProfile.Secrets.Cipher) and the given <key>.
Encrypted data can be decrypted with the openssl command:
echo "<encrypted data>" | openssl enc -d -a -<cipher> -K `bin2hex <key>` -iv `bin2hex 0123456789ABCDEF`
The binary bin2hex is delivered with the nevisProxy package. You can find it in /opt/nevisproxy/bin.
BC.Tracer.LineCounter
Type: Boolean
Default: disabled
If true, then each log entry will start with a 4-digit number that is automatically incremented. The number will reset to 0000 after 9999.
ch.nevis.navajo.tracing.TraceId.Format
Type: String
Default: %o
Possible values are:
- %i: Remote address
- %p: Process identifier (PID)
- %h: Host ID
- %t: Timestamp
- %c: Counter
- %o: The traceId from OpenTelemetry
- %u: Sets either a unique ID (%i-%p-%h-%t-%c) or the traceId of OpenTelemetry (%o) if OpenTelemetry Tracing is configured. It also sets the UNIQUE_ID variable in the Apache environment variables (apache-env)
- %H[<name>]: Value of <name> in the request header
- %E[<name>]: Value of <name> in the Apache environment variables (apache-env)
- %C: The name of the connector
- %X: The name or address of the context
If "%u" is set, the UNIQUE_ID (Apache environment variables) adopts this value. If "%u" is not set, the UNIQUE_ID will adopt the resulting value of ch.nevis.navajo.tracing.TraceId.Format. To be sure that the ID is unique, the following values should be set: either: %u or %o or (at least): %p, %h, %t, and %c.
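The interactions described above (settings that are ignored depending on whether a pipe is used, the ThresholdBase recommendation, the trace ID uniqueness rule) can be checked mechanically. The following is an added example, not part of the nevisProxy documentation or product; the sample file content is constructed, and treating every BC.Tracer property with "LogFile" in its name, other than BC.Tracer.LogFile itself, as a "LogFile parameter" is an assumption.

```python
import re

# Constructed sample bc.properties content (paths and values are made up).
SAMPLE = """\
BC.Tracer.LogFile=pipe:///opt/example/bin/logshipper
BC.Tracer.ThresholdBase=3
BC.Tracer.MaxLogFileSize=10000000
BC.Tracer.LogDir=/var/opt/nevisproxy/example/logs
BC.Tracer.VersioningTimes=0 0 * * *
ch.nevis.navajo.tracing.TraceId.Format=%i-%p-%t
"""

TRACE_ID = "ch.nevis.navajo.tracing.TraceId.Format"

def parse_properties(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (property, finding) pairs for the rules stated on this page."""
    out = []
    log_file = props.get("BC.Tracer.LogFile", "")
    is_pipe = log_file.startswith("pipe://")
    if int(props.get("BC.Tracer.ThresholdBase", "5")) < 5:
        out.append(("BC.Tracer.ThresholdBase", "below 5 (NOTICE)"))
    for key in props:
        # Assumption: "LogFile parameters" are BC.Tracer.[Max]LogFile<suffix>.
        if is_pipe and re.fullmatch(r"BC\.Tracer\.(Max)?LogFile\w+", key):
            out.append((key, "ignored: LogFile is a pipe"))
        if not is_pipe and key.startswith("BC.Tracer.Pipe."):
            out.append((key, "ignored: LogFile is not a pipe"))
    if "BC.Tracer.LogDir" in props and (is_pipe or log_file.startswith("/")):
        out.append(("BC.Tracer.LogDir", "ignored: LogFile is a pipe or absolute"))
    if "BC.Tracer.VersioningTimes" in props and (
            is_pipe or "BC.Tracer.MaxLogFileSize" in props):
        out.append(("BC.Tracer.VersioningTimes",
                    "ignored: pipe in use or MaxLogFileSize set"))
    # Drop %H[<name>] / %E[<name>] arguments before looking for specifiers.
    fmt = re.sub(r"\[[^\]]*\]", "", props.get(TRACE_ID, "%o"))
    if not ("%u" in fmt or "%o" in fmt
            or all(s in fmt for s in ("%p", "%h", "%t", "%c"))):
        out.append((TRACE_ID, "trace ID may not be unique"))
    return out
```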
ch.nevis.navajo.tracing.ReconfigurationPeriod
Type: Integer
Unit: seconds
Default: 60
Dynamically checks the bc.properties file for changes and reapplies tracing configuration.
ch.nevis.nevisproxy.LocalLogFileName
Type: String
Usage constraints: conditional, experimental
Points to a filename where you can change the trace level based on the incoming request. The content of the file is a new-line separated list of conditions and tracegroups. You cannot use PATH_INFO inside the Condition for the property. The PATH_INFO is not yet evaluated when the local trace groups are activated. If you use PATH_INFO in this case, the error [NVST, 0020] occurs. To increase some tracelevels for an IP-range, the content of the file would look like the example below.
See also the chapter Conditional parameters and pragmas for more information about conditional parameters. The level of the trace group BC.Tracer.DebugProfile.Apache can only be modified in a limited way. The log level of Apache messages that occur while nevisProxy is processing the request can be modified as specified in the file. However Apache messages that occur outside of this time frame are logged according to the main level of the trace group BC.Tracer.DebugProfile.Apache.
Example
Condition:REMOTE_ADDR:CIDR/10.4.12.0/24/
Pragma: block-begin
BC.Tracer.DebugProfile.NavajoOp=4
BC.Tracer.DebugProfile.IsiwebOp=4
BC.Tracer.DebugProfile.IW4IdentCreaFlt=4
Pragma: block-end
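
An added example (not nevisProxy code) that reads a file in the format of the Example above and reports which trace levels a request from a given client address would receive, rejecting PATH_INFO conditions. It assumes that a Condition line applies to the block that follows it and evaluates only the REMOTE_ADDR CIDR form shown on this page; the function names are hypothetical and the sample content is constructed.

```python
import ipaddress

# Constructed sample in the format of the Example on this page.
SAMPLE = """\
Condition:REMOTE_ADDR:CIDR/10.4.12.0/24/
Pragma: block-begin
BC.Tracer.DebugProfile.NavajoOp=4
BC.Tracer.DebugProfile.IsiwebOp=4
Pragma: block-end
"""

def parse_blocks(text):
    """Return [(variable, expression, {tracegroup: level})] per Condition."""
    blocks, current, inside = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Condition:"):
            variable, _, expression = line[len("Condition:"):].partition(":")
            if variable.strip() == "PATH_INFO":
                # The page states that this leads to error [NVST, 0020].
                raise ValueError("PATH_INFO is not allowed in a Condition here")
            current = (variable.strip(), expression.strip(), {})
            blocks.append(current)
        elif line.replace(" ", "") == "Pragma:block-begin":
            inside = True
        elif line.replace(" ", "") == "Pragma:block-end":
            inside, current = False, None
        elif inside and current and "=" in line:
            group, level = line.split("=", 1)
            current[2][group.strip()] = int(level)
    return blocks

def levels_for(text, remote_addr):
    """Trace levels that would apply to a request from remote_addr."""
    addr, result = ipaddress.ip_address(remote_addr), {}
    for variable, expression, levels in parse_blocks(text):
        # Only the REMOTE_ADDR / CIDR form shown on the page is evaluated.
        if variable == "REMOTE_ADDR" and expression.startswith("CIDR/"):
            net = ipaddress.ip_network(expression[5:].rstrip("/"), strict=False)
            if addr in net:
                result.update(levels)
    return result
```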