Thanks, Duncan. I've got a pile of updates to make to the instructions, if
I can ever get enough uninterrupted time to actually type them in. :-( I'll
add that to the list.

For what it's worth, I have our servers configured to send their logs to
Graylog as well as the log files, and the TGTs are not masked there either.
Maybe it's a feature. :-)

--Dave


--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • [email protected]


On Tue, Apr 24, 2018 at 8:13 AM, Duncan Brannen <[email protected]>
wrote:

>
> Hi All,
>
> In case anyone else is wondering, it looks like there is a default 10MB
> size on the SizeBasedTriggeringPolicy
>
> (See https://github.com/apache/logging-log4j2/blob/master/log4j-core/src/main/java/org/apache/logging/log4j/core/appender/rolling/SizeBasedTriggeringPolicy.java )
>
> Dave, I’ve CC’d you as the instructions at
>
> https://dacurry-tns.github.io/deploying-apereo-cas/building_server_configure-logging-settings.html
>
> will cause loss of data if I’m not mistaken.  Leaving in the
> SizeBasedTriggeringPolicy line will roll the logs at 10MB and combined with
> the removal of the -%i from the filepattern="%d{yyyy-MM-dd-HH}-%i.log" line
> will cause logs to be overwritten every 10MB rather than incrementing
> a sequence number. Leaving in the -%i seems a nice safety net anyway as if
> logs ever roll unexpectedly you’ll not overwrite anything.
>
> I’ve not found why the TGT’s are not masked when logged to a socket rather
> than a file though. Anyone? We’re running CAS 5.2.3
>
> Cheers,
>
>                 Duncan
>
> *From: *<[email protected]> on behalf of Duncan Brannen <
> [email protected]>
> *Reply-To: *<[email protected]>
> *Date: *Friday, 20 April 2018 at 09:50
> *To: *"[email protected]" <[email protected]>
> *Subject: *[cas-user] CAS Logging {really log4j2 questions}
>
> Morning All,
>
> First, thanks to Dave from the New School for producing the deployment
> guide; it was a great help for us migrating from CAS 3 -> CAS 5, which
> we’ve recently done.
>
> I’ve a couple of issues with logging I wouldn’t mind throwing out here.
>
> 1/.
>
> I set a TimeBasedTriggeringPolicy of a day (via interval of 1 and pattern
> of yyy-MM-dd ) and removed the size="10 MB" from the
> SizeBasedTriggeringPolicy in our Log4j2.xml file but noticed our logs were
> rolling still at 10/11MB when we left in the <SizeBasedTriggeringPolicy  />
> line.
>
> Without it they just roll daily as expected.  I’m not sure if this is
> something unique to us and haven’t found any log4j2 docs that imply there’s
> a default if it’s left in without a value.  Can anyone else clarify if the
> SizeBasedTriggeringPolicy should be removed or this is a local issue?
>
> 2/.
>
> I created another Appender and AsyncLogger to send logs to our ELS stack
> via logstash.  Our TGT’s are not being ****’d out in those logs.  Given the
> below configs, the TGT’s are obfuscated in cas_json.log but not in
> logstash.  Is this as expected / do I need to do the obfuscation in
> logstash?
>
> Cheers,
>
>         Duncan
>
> <RollingFile name="dbbfile" fileName="${sys:cas.log.dir}/cas_json.log"
>              append="true"
>              filePattern="${sys:cas.log.dir}/cas_json-%d{yyyy-MM-dd}-%i.log">
>     <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
>     <Policies>
>         <OnStartupTriggeringPolicy />
>         <TimeBasedTriggeringPolicy interval="1" modulate="true"/>
>     </Policies>
> </RollingFile>
>
> <CasAppender name="casJson">
>     <AppenderRef ref="dbbfile" />
> </CasAppender>
>
> <Socket name="socket" host="logstashhost" connectTimeoutMillis="3000"
>         port="9500" protocol="TCP" ignoreExceptions="false" >
>     <JsonLayout compact="true" complete="false" eventEol="true" />
>     <SerializedLayout />
> </Socket>
>
> <AsyncLogger name="org.apereo" additivity="true" level="info">
>     <appender-ref ref="casJson" />
>     <appender-ref ref="socket" />
> </AsyncLogger>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/7102A04D-14F7-48C0-B54A-AAEB755B0DFF%40st-andrews.ac.uk.
>
>
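
Added example, not part of either message and not taken from the CAS deployment guide: a log4j2.xml fragment that keeps the -%i counter in the filePattern so an unexpected roll cannot overwrite a file already written for that date, and sends the socket output through its own CasAppender. It assumes the ticket masking seen in cas_json.log is applied by the CasAppender wrapper rather than by the file appender itself; the name casSocket is hypothetical, and all other names and values come from the configuration quoted above.

```xml
<!-- Added example; every name except casSocket comes from the thread. -->
<Appenders>
    <!-- %i stays in filePattern: if anything other than the daily timer
         triggers a roll (startup, or the 10MB default of a bare
         SizeBasedTriggeringPolicy), the counter yields a new file name
         instead of replacing the file already rolled for that date. -->
    <RollingFile name="dbbfile" fileName="${sys:cas.log.dir}/cas_json.log"
                 append="true"
                 filePattern="${sys:cas.log.dir}/cas_json-%d{yyyy-MM-dd}-%i.log">
        <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
        <Policies>
            <OnStartupTriggeringPolicy />
            <TimeBasedTriggeringPolicy interval="1" modulate="true"/>
            <!-- No SizeBasedTriggeringPolicy element: per the thread,
                 leaving it in without a size still rolls at about 10MB. -->
        </Policies>
    </RollingFile>

    <CasAppender name="casJson">
        <AppenderRef ref="dbbfile" />
    </CasAppender>

    <!-- SerializedLayout from the thread is dropped here, on the
         assumption that an appender takes a single layout. -->
    <Socket name="socket" host="logstashhost" port="9500" protocol="TCP"
            connectTimeoutMillis="3000" ignoreExceptions="false">
        <JsonLayout compact="true" complete="false" eventEol="true" />
    </Socket>

    <!-- Assumption: CasAppender is what masks ticket ids, so the socket
         gets its own wrapper (casSocket is a hypothetical name). -->
    <CasAppender name="casSocket">
        <AppenderRef ref="socket" />
    </CasAppender>
</Appenders>

<Loggers>
    <!-- Reference only the wrappers; a direct ref to "socket" would
         bypass the wrapper and ship TGT ids unmasked. -->
    <AsyncLogger name="org.apereo" additivity="true" level="info">
        <appender-ref ref="casJson" />
        <appender-ref ref="casSocket" />
    </AsyncLogger>
</Loggers>
```

After deploying a change like this, compare a fresh login event on the logstash side with the same event in cas_json.log to confirm the TGT id arrives masked in both.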
