Recently, I was asked by a customer for a better way to review the IMPS etatrans*.log without using 3rd party tools, e.g. SPLUNK or SNMPtraps.
While it is possible to use Perl or Powershell to pull information from the IMPS\logs, there is also an existing tool that has similar grep-like functionality.
Under both the MS Windows and Linux installation of CA Identity Manager for Provisioning Server, you will be able to see/use an executable of "analyzelog"
If used with a -? switch, this executable will return various options to use.
To use this tool:
1) Ensure the IMPS\bin folder is within the PATH statement of the OS; and/or if on Linux, su - imps user.
2) Navigate or change directory to the IMPS\logs folder.
- The analyzelog tool appears to look for files first in the local folder.
- The analyzelog tool will by default, search for etatrans*.log files, and search the first file, if no file option/switch is defined.
3) Review all options and see if this tool can be used as is for your use; or wrap with Powershell/Perl for additional functionality.
Note: For etatrans*.logs, you can always search/grep on the transaction ID, to follow the data flow.
Note2: To reduce "bloat" and "noise", you may wish to reduce the default log level of etatrans from 7 to 3. The level of three (3) will still ensure adequate information for audit & troubleshooting needs, but remove the search routines from filling the logs up and forcing early rotation.
I have captured some notes on analyzelog to share.