Document toolboxDocument toolbox

Log messages and log filters

This article describes log messages and how to set log filters in Nexus OCSP Responder.

Log messages

A log message has two features: message class and severity.

Message class

The following message classes exist:

  • oper

    • Short for operational

    • Typical messages: service shutting down, responder up and running, revocation information updated, etc.

  • trace

    • Detailed information about what is happening in the system on a component level.

    • Typical messages: downloaded CRL from url, CRL/CIL was received, validated certificate X etc. (Mainly used by developers)

  • audit

    • Information about:

      • received CILs/CRLs (denoted as audit.pkiStateAltered)

      • incoming/outgoing queries and responses from clients (denoted as audit.ocspQuery and audit.ocspResponse).

  • billing

    • Billing information. 

Message severity

The severity of the log message is a positive integer (1, 2, 3,...). For message class oper, the following aliases exist:

info = 1
notice = 2
warning = 3
error = 4
critical = 5

Log filters

Statements

A log filter is created by these statements:

  • class = class

  • severity = severity

  • severity < severity

  • severity > severity

The statements can be grouped together with the operands & (and) and | (or).

& takes precedence over |. Parenthesis are not supported.

Example on filter settings

The log filter:

class=oper | class="trace" & severity>10

will be evaluated as:

(class=oper) or (class=trace and severity>10)

and will log all operational messages plus trace messages with severity higher than 10.

If no log filter is given, the default filter is:

class=oper | class="audit" | class="billing"

To exclude certain classes of messages, a filter like this can be used:

! class = trace & ! class = profile

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions