Hi Daren,
Kindly ignore my earlier comment. It worked ! Thanks !
However,
it is suppressing this log as well(Which is needed intended to error response):
com.ca.siteminder.SiteMinderHighLevelAgent: Session validation failed, Reason: IdleTimeOut reached
can we only suppress this below log particularly :
com.ca.siteminder.SiteMinderHighLevelAgent: Session validation failed for the following SsoToken: Thanks in Advance !
Pratik
------------------------------
Design Engineer Professional
BT
------------------------------
Original Message:
Sent: 05-20-2020 11:05 PM
From: Pratik Degaon
Subject: Default logging override
Hi Daren,
I tried this ! But no luck I still see logs being audited. Any other way of doing this
And about your suggestion for message2
"For message2, it's a type "Audit" entry, so you will need to add the audit code (8100) to the cluster-wide property to suppress it. So add the cluster-wide property: audit.auditdetailexcludelist Then add 8100 to it, separate entries with a space"
I don't find this clusterwide property audit.auditdetailexcludelist .
Kindly help.
------------------------------
Design Engineer Professional
BT
Original Message:
Sent: 05-20-2020 04:22 PM
From: DAREN CHERNOFF
Subject: Default logging override
Hi Pratik,
Can you modify the following cluster wide property:
'log.levels' and add the following on a new line:
com.ca.siteminder.SiteMinderHighLevelAgent.level = SEVERE
See if that suppresses the message in question.
Daren
Original Message:
Sent: 05-20-2020 04:15 PM
From: Pratik Degaon
Subject: Default logging override
Hi Daren,
Thanks!
Please find the string or the log which I want to suppress from being logged or audited.
2020-05-20T09:40:26.924+0100 WARNING 275 com.ca.siteminder.SiteMinderHighLevelAgent: Session validation failed for the following SsoToken: VJzEuFTVrm1E6KRN5pn7i4+tcIXXXXXXXXXXXXXX
Regards,
Pratik
------------------------------
Design Engineer Professional
BT
Original Message:
Sent: 05-20-2020 03:59 PM
From: DAREN CHERNOFF
Subject: Default logging override
Hi Pratik,
Can you provide an example of the message in question which you would like to suppress from being
sent to the gateway ssg log ?
Take for example the following kinds of messages:
=message 1=====
INFO 1053 com.l7tech.external.assertions.gzip.server.GzipServiceInvocation: Setting target var "MyToken"
=============
==message2==
INFO 1538 com.l7tech.server.policy.assertion.ServerOperation: 8100: 0000016222464101-18403cf Could not match WSDL operation (getCustomerQualifications instead of getPointDetails)
=============
For message2, it's a type "Audit" entry, so you will need to add the audit code (8100) to the cluster-wide property to suppress it. So add the cluster-wide property: audit.auditdetailexcludelist Then add 8100 to it, separate entries with a space.
For message1, it's a type "log" entry, so you will have to suppress it based on the package. Add the cluster-wide property: log.levels Add the following on a new line: com.l7tech.external.assertions.gzip.server.GzipServiceInvocation.level = SEVERE
Hope that helps.
Daren
Original Message:
Sent: 05-20-2020 02:13 AM
From: Pratik Degaon
Subject: Default logging override
Hi Folks,
One of the policy assertion logging sensitive info in the ssglogs. which we don't want to log this. Any suggestion how to avoid this logging from particular assertion.
Please help.
------------------------------
Design Engineer Professional
BT
------------------------------