Server Logging Configuration

Introduction
Initial Logging Configuration
SQL Loggers
Reserved Loggers for SQL
SQL Function Loggers
Logging Thresholds
Modifying the Server Logging Configuration
Trace Log

Introduction

The SAS logging facility is a framework that categorizes and filters log messages in SAS server and SAS programming environments, and writes log messages to various output devices. In the server environment, the logging facility logs messages based on predefined message categories, such as Admin for administrative messages, App for application messages, and Perf for performance messages. The logging facility also enables messages to be filtered based on the following thresholds: TRACE, DEBUG, INFO, WARN, ERROR, and FATAL.
The dfs_log.xml configuration file controls the destination, contents, and formats of the logging facility log for SAS Federation Server. You can change logging levels dynamically without stopping the server.

Initial Logging Configuration

The default logging facility configuration for SAS Federation Server includes a definition for the RollingFileAppender. The appender routes events to a rolling log file.
The rolling log file is configured as follows:
  • A new log is created when the date changes and when a new server process is started.
  • Events are written by using a layout that includes the current date, current time, logging level, process ID, the user identity that is associated with the event, and a message.
  • The name of the rolling log file follows the following convention: 
    dfs_%d_%S{pid}.log
    where %d is the date and %S{pid} is the process ID number (PID) for SAS Federation Server.
  • The rolling log files are placed in the /var/log directory.
  • When a new rolling log file is created, a heading is written to the file. The heading identifies the server's host machine, operating system, and server start-up command.
Note: For DS2 logging, see “DS2 Loggers” in the SAS DS2 Language Reference.
The following table lists the loggers that reference the RollingFileAppender:
Logger Name
Logging Level
Description
Admin
Info
processes log events that are relevant to system administrators or computer operators.
App
Info
processes log events that are related to specific applications. For example, metadata servers, OLAP servers, stored process servers, and workspace servers use loggers that are named App.class.interface.method to record method calls that are issued to the server.
App.Server
Info
Server top-level object run-time and interface events.
Debug
Method call and return events.
Trace
Method parameters.
App.Session
Info
Session object run-time and interface events.
Debug
Method call and return events.
Trace
Method parameters.
App.Connection
Info
Connection object run-time and interface events
Debug
Method call and return events.
Trace
Method parameters.
App.Statement
Info
Statement object run-time and interface events
Debug
Method call and return events.
Trace
Method parameters.
App.Program
Info
General application independent events including errors and warnings from arbitrary services or the OS
Audit
Info
Processes log events to be used for auditing. These events include updates to public metadata objects, user access to SAS libraries, accepted and rejected user authentication requests, and administration of users, groups, and access controls.
Audit Authentication
Info
Authentication provider events.
Audit Table
Info
Federation server specific events.
Audit Table Connection
Info
Audit events related to server connections, including connection pooling and dynamic connections.
Audit.Table.Security
Info
Federation Server authorization events.
Audit.Table.Security.Provider
Info
Detailed authorization services run-time events relating to user identity management and access control logic and enforcement decisions.
Logging
Error
SAS logging facility configuration and run-time events.
Logging.Appender
Error
Appender-specific configuration and run-time events.
Logging.Appender.DB
Error
DB Appender-specific events (used in SQL Logging).
Cradle
Info
General server process framework services, start-up and termination events.
Info
Processes log events for servers that use the Integrated Object Model (IOM). The IOM interface provides access to SAS Foundation features such as the SAS language, SAS libraries, the server file system, results content, and formatting services. IOM servers include metadata servers, OLAP servers, stored process servers, and workspace servers.
IOM.Proxy
Info
Server to server outcall events.
Debug
Method call and return events.
Trace
Method parameters.
IOM.PE
Warn
Communication protocol engine events.
Perf
Error
Processes log events that are related to system performance.
Perf.ARM
Error
Perf.ARM.IOM.Session
Error
Session API performance events.
Perf.ARM.IOM.Environment
Error
Environment API performance events.
Perf.ARM.IOM.Connection
Error
Connection API performance events.
Perf.ARM.IOM.Statement
Error
Statement API performance events.
Perf.ARM.FederationServer
Warn
Federation server API independent performance events.
Perf.ARM.SQLServices
Warn
Local SQL services performance events.
<root>
Error
All events produced from SAS Federation Server.

SQL Loggers

Reserved Loggers for SQL

The following loggers, which are unique to SAS Federation Server, are based on the Audit and App loggers referenced above.
Logger
Logging Level
Description
Audit.SQLFPkg.package-name
Debug
Trace
Used to log security-related events.
App.SQLFPkg.package-name
Debug
Trace
Used to log API, logic run time events.

SQL Function Loggers

The following table reflects the Audit and App loggers for SQL functions that are specific to the SAS Federation Server system catalog:
Package-name
Function
Logger
RLS (Row-level security)
SYSCAT.RLS
Audit.SQLFPkg.RLS
App.SQLFPkg.RLS
DM (Data masking)
SYSCAT.DM
Audit.SQLFPkg.DM
App.SQLFPkg.DM
UTL (Utilities)
SYSCAT.UTL
Audit.SQLFPkg.UTL
App.SQLFPkg.UTL
You can use the App.SQLFPkg.UTL logger to verify results after running PROC ASEXPORT during a migration. The log reflects auth IDs that were not properly mapped to an auth ID in SAS Metadata Server. See the SAS Federation Server 4.2 Migration Guide for information.

Logging Thresholds

The SAS logging facility provides six thresholds: TRACE, DEBUG, INFO, WARN, ERROR, and FATAL. Thresholds are used to ignore log events that are lower than a particular level, or to filter messages so that only a single message level is logged. The SQL function loggers use DEBUG and TRACE only.
When a log event occurs, up to three levels of filtering can take place:
  1. filtering log events by comparing the log event level to the log event's logger level.
  2. filtering log events by comparing the log event level to the appender's threshold.
  3. filtering log events by comparing the log event level to the threshold that is specified in the filter definition, which is a part of the appender configuration.
In the first two cases, if the log event level is lower than the logger or appender threshold, the logging facility ignores the log event. Otherwise, processing of the log event continues.
In the third case, the log event level is compared to the filter threshold. If there is a match, the log event can be either accepted or denied. If there is no match, the filtering process continues to the next filter in the filtering policy.
The logging levels, from the lowest to the highest, are as follows:
Level
Description
TRACE
Produces the most detailed information about your application. This level is primarily used by SAS Technical Support or development.
DEBUG
Produces detailed information that you use to debug your application. This level is primarily used by SAS Technical Support or development.
INFO
Provides information that highlights the progress of an application.
WARN
Provides messages that identify potentially harmful situations.
ERROR
Provides messages that indicate that errors have occurred. The application might continue to run.
FATAL
Provides messages that indicate that severe errors have occurred. These errors will probably cause the application to end.
Note: The logging level must be enclosed in quotation marks.
By default appenders do not have a threshold but a threshold can be configured. When set, all log events that have a level lower than the threshold are ignored by the appender.

Modifying the Server Logging Configuration

You can modify the logging facility configuration for SAS Federation Server by modifying the dfs_log.xml file located in the /etc directory of the configuration path. Before modifying the file, be sure to make a backup copy.
Here are some examples of changes that you might want to make:
  • configure RollingFileAppender to use a different log filename, to roll over log files more or less frequently, or to roll over log files based on file size rather than date.
  • specify additional appenders.
  • use filters to limit the events that are written to an appender.
  • configure a different message layout for an appender.

Trace Log

By tracing each internal API routine that is called by the application, a trace log records transactions that can be used for debugging connection and processing issues. For example, you can request information that traces the FedSQL statements that are submitted to a data service.
Note: By default, tracing is not activated for server logging. You should not activate tracing unless you are instructed to do so by SAS Technical Support.
Tracing can be activated by using the following methods:
  • server start-up options
  • data service connection arguments
  • system options
When you activate tracing, you also specify the physical location where the transaction records are saved. Because SAS Federation Server supports one root file trace log directory and multiple subdirectories, you can group trace logs if necessary.
Copyright © SAS Institute Inc. All Rights Reserved.
Last updated: March 6, 2018