Idea Details

Restore SM_TLI_LOG_FILE to log TLI level transaction details (or mark as deprecated)

Last activity 22 days ago
Mark ODonohue's profile image
10-23-2018 08:29 PM

Summary 

TLI log files do not print any details of transactions anymore (possibly this was removed in rewrite of agent in R12 or move to framework agent).

 

I think we either need to deprecate it and remove it entirely, or better still restore it so that it does log the send and received packet details from communication on that socket to the policy server. 

 

Discussion

 

When we enable TLI logging, it does not show much detail. 

 

export SM_TLI_LOG_FILE = / app/netegrity/webagent/log/SM_TLI_LOG_FILE.log 

 

It creates a bunch of files for each connection made to a policy server :  

 

total 20 
-rw-r--r--. 1 daemon root 381 Oct 5 01:22 sm_tli_trace.log-32414 
-rw-r--r--. 1 daemon daemon 381 Oct 5 01:21 sm_tli_trace.log-32421 

-rw-r--r--. 1 daemon daemon 381 Oct 5 01:21 sm_tli_trace.log-32422 
-rw-r--r--. 1 daemon daemon 381 Oct 5 01:21 sm_tli_trace.log-32423 
-rw-r--r--. 1 daemon daemon 381 Oct 5 01:21 sm_tli_trace.log-32515 uninitializating 

 

But all we get in each of those files is : 

 

[Fri Oct 05 2018 01:13:49] [/net/bnracton/sandbox/build-repos/SiteMinder/integration/1194/rhas64/devel/common/smagentapi/SmAgentAPI.cpp:901] [32414-140444770817824] Starting initialization 
[Fri Oct 05 2018 01:22:01] [/net/bnracton/sandbox/build-repos/SiteMinder/integration/1194/rhas64/devel/common/smagentapi/SmAgentAPI.cpp:1691] [32414-140444770817824] Finished 

 

Checking the source code via Git, these two messages - a start and end and a few really obscure error messages are all that will ever be printed to the TLI log. 

 

So it seems functionality to log all the TLI level transactions probably was removed (maybe at SM 12.0 stage, when a lot of the agent code was rewritten).  

 

I've often seen recommendation to enable this logging, and a trace of the agent requests and responses at the TLI level would be handy.  

 

So I think we either need to deprecate it and remove it entirely, or better still restore it so that it does log the send and received packet details from communicaiton on that socket to the policy server. 

 

 

Cheers - Mark


Comments

01-11-2019 10:19 AM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team is reviewing your enhancement suggestion following the process outlined here: https://communities.ca.com/docs/DOC-231170123 

The Community will continue to be able to vote on this enhancement idea.