000025414 - How to change the log level of RSA Keon Certificate Authority log files

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025414
Applies ToKeon Certificate Authority
Keon Registration Authority
Reducing level of logging to prevent high rate of log file growth
IssueHow to change the log level of RSA Keon Certificate Authority log files
ResolutionRSA Keon Certificate Authority Keon and Keon Registration Authority products use a Apache web server engine as a base component of the server architecture. To change the log level of the log files, edit the httpd.conf file in the <install-dir>/WebServer/conf directory. Modify the LogLevel in each server instance related to the file you would like to change.

The log level can be changed for any virtual host defined in httpd.conf. For example, to modify the log level of events for the Enrollment Server, search the httpd.conf file under the Enrollment Server Virtual Host.

To change the logging in the enroll-cipher.log file, look for the LogLevel setting for the SSL Log.

Look for the following entry in the httpd.conf file:

#  General setup for the virtual host

DocumentRoot "/RSA_KeonCA/WebServer/enroll-server"
ServerName vogon.securitydynamics.com

TransferLog logs/enroll-access.log
ErrorLog    logs/enroll-error.log
SSLLog      logs/enroll-cipher.log
SSLLogLevel info

LogLevel adjusts the verbosity of the messages recorded in the error logs (see ErrorLog directive). The following levels are available, in order of decreasing significance:

Level     -     Description
emerg   -     Emergencies - system is unusable.
alert      -     Action must be taken immediately.
crit        -     Critical Conditions.
error      -     Error conditions.        
warn      -     Warning conditions.
notice    -     Normal but significant condition.
info        -     Informational.
debug    -     Debug-level messages

When a particular level is specified, messages from all other levels of higher significance will be reported as well. For instance, when LogLevel info is specified, then messages with log levels of notice and warn will also be posted.

Using a level of at least crit is recommended by Apache Documentation.

NOTE: This solution only relates to the log files generated under the <install-dir>/WebServer/logs Directory
Legacy Article IDa16254