The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

IdP 3 includes robust logging using logback as its engine. Logback can be configured to perform various actions when different conditions are satisfied; one of which is using SMTP to deliver log data. This guide will configure Logback to send an email any time an event level of ERROR is generated. All log data will still be written to the default FILE appender also.

For reference, these pages helped create this configuration.

 

There are two parts for configuration:

  • Define an appender that uses the SMTPAppender class
  • Tell Logback when to reference that new appender

 

When configuring data values in the appender, staying as generic as possible allows the same logback.xml to be used among dev, test, and production environments without any modifications (always a plus when you're being audited). Even logging on only ERROR conditions can generate plenty of mail. For instance, an invalid SAML decode action generates an email. Depending on who's testing downstream, that could be quite a few emails to a distribution group.

  1. Edit the %{idp.home}\conf\logback.xml and append this new appender code block after the last existing <appender> definition.
    • <smtpHost> : Hostname or IP address of your mail relay server
    • <from> : The from address on any emails sent from Logback
    • <subject> : The subject of the emails sent from Logback. ${HOSTNAME} will reference the computer name on which Logback is running

    • <level> : What condition to take action on (DEBUG, INFO, WARN, ERROR)

      Logback.xml SMTP Appender 
      <!-- Custom SMTP Appender for ERROR -->
<appender name="Email_Alerts" class="ch.qos.logback.classic.net.SMTPAppender">
      <smtpHost>SMTPHOSTNAME</smtpHost>
      <from>FROMEMAILADDRESS</from>
      <to>TOEMAILADDRESS</to>
      <subject>${HOSTNAME} IDP Error Detected</subject>
      <layout class="ch.qos.logback.classic.html.HTMLLayout"/>
      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
          <level>ERROR</level>
      </filter>
</appender>
<!-- /Custom SMTP Appender for ERROR -->

      Click here for additional SMTPAppender properties and information

  2. Add a reference to the new appender
    1. Find the existing code <root level="INFO">
      1. Hooking in here allows you to configure your appender to alert on any severity
      2. Alternatively, you can create your own root level block if you don't want to modify the existing block
    2. Append a new reference after the existing references
Logback.xml Root level appender 
<appender-ref ref="Email_Alerts"/>

 

 

  • No labels