Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 13. Configuring logging
Red Hat build of Keycloak uses the JBoss Logging framework. The following is a high-level overview for the available log handlers:
root
- console (default)
- file
13.1. Logging configuration
Logging is done on a per-category basis in Red Hat build of Keycloak. You can configure logging for the root log level or for more specific categories such as org.hibernate or org.keycloak. This chapter describes how to configure logging.
13.1.1. Log levels
The following table defines the available log levels.
| Level | Description |
| FATAL | Critical failures with complete inability to serve any kind of request. |
| ERROR | A significant error or problem leading to the inability to process requests. |
| WARN | A non-critical error or problem that might not require immediate correction. |
| INFO | Red Hat build of Keycloak lifecycle events or important information. Low frequency. |
| DEBUG | More detailed information for debugging purposes, such as database logs. Higher frequency. |
| TRACE | Most detailed debugging information. Very high frequency. |
| ALL | Special level for all log messages. |
| OFF | Special level to turn logging off entirely (not recommended). |
13.1.2. Configuring the root log level
When no log level configuration exists for a more specific category logger, the enclosing category is used instead. When there is no enclosing category, the root logger level is used.
To set the root log level, enter the following command:
bin/kc.[sh|bat] start --log-level=<root-level>
bin/kc.[sh|bat] start --log-level=<root-level>Use these guidelines for this command:
-
For
<root-level>, supply a level defined in the preceding table. -
The log level is case-insensitive. For example, you could either use
DEBUGordebug. -
If you were to accidentally set the log level twice, the last occurrence in the list becomes the log level. For example, if you included the syntax
--log-level="info,…,DEBUG,…", the root logger would beDEBUG.
13.1.3. Configuring category-specific log levels
You can set different log levels for specific areas in Red Hat build of Keycloak. Use this command to provide a comma-separated list of categories for which you want a different log level:
bin/kc.[sh|bat] start --log-level="<root-level>,<org.category1>:<org.category1-level>"
bin/kc.[sh|bat] start --log-level="<root-level>,<org.category1>:<org.category1-level>"A configuration that applies to a category also applies to its sub-categories unless you include a more specific matching sub-category.
Example
bin/kc.[sh|bat] start --log-level="INFO,org.hibernate:debug,org.hibernate.hql.internal.ast:info"
bin/kc.[sh|bat] start --log-level="INFO,org.hibernate:debug,org.hibernate.hql.internal.ast:info"This example sets the following log levels:
- Root log level for all loggers is set to INFO.
- The hibernate log level in general is set to debug.
-
To keep SQL abstract syntax trees from creating verbose log output, the specific subcategory
org.hibernate.hql.internal.astis set to info. As a result, the SQL abstract syntax trees are omitted instead of appearing at thedebuglevel.
13.2. Enabling log handlers
To enable log handlers, enter the following command:
bin/kc.[sh|bat] start --log="<handler1>,<handler2>"
bin/kc.[sh|bat] start --log="<handler1>,<handler2>"
The available handlers are console and file. The more specific handler configuration mentioned below will only take effect when the handler is added to this comma-separated list.
13.3. Console log handler
The console log handler is enabled by default, providing unstructured log messages for the console.
13.3.1. Configuring the console log format
Red Hat build of Keycloak uses a pattern-based logging formatter that generates human-readable text logs by default.
The logging format template for these lines can be applied at the root level. The default format template is:
-
%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n
The format string supports the symbols in the following table:
| Symbol | Summary | Description |
| %% | % | Renders a simple % character. |
| %c | Category | Renders the log category name. |
| %d{xxx} | Date |
Renders a date with the given date format string.String syntax defined by |
| %e | Exception | Renders a thrown exception. |
| %h | Hostname | Renders the simple host name. |
| %H | Qualified host name | Renders the fully qualified hostname, which may be the same as the simple host name, depending on the OS configuration. |
| %i | Process ID | Renders the current process PID. |
| %m | Full Message | Renders the log message and an exception, if thrown. |
| %n | Newline | Renders the platform-specific line separator string. |
| %N | Process name | Renders the name of the current process. |
| %p | Level | Renders the log level of the message. |
| %r | Relative time | Render the time in milliseconds since the start of the application log. |
| %s | Simple message | Renders only the log message without exception trace. |
| %t | Thread name | Renders the thread name. |
| %t{id} | Thread ID | Render the thread ID. |
| %z{<zone name>} | Timezone | Set the time zone of log output to <zone name>. |
| %L | Line number | Render the line number of the log message. |
13.3.2. Setting the logging format
To set the logging format for a logged line, perform these steps:
- Build your desired format template using the preceding table.
Enter the following command:
bin/kc.[sh|bat] start --log-console-format="'<format>'"
bin/kc.[sh|bat] start --log-console-format="'<format>'"Copy to Clipboard Copied! Toggle word wrap Toggle overflow
Note that you need to escape characters when invoking commands containing special shell characters such as ; using the CLI. Therefore, consider setting it in the configuration file instead.
Example: Abbreviate the fully qualified category name
bin/kc.[sh|bat] start --log-console-format="'%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n'"
bin/kc.[sh|bat] start --log-console-format="'%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n'"
This example abbreviates the category name to three characters by setting [%c{3.}] in the template instead of the default [%c].
13.3.3. Configuring JSON or plain console logging
By default, the console log handler logs plain unstructured data to the console. To use structured JSON log output instead, enter the following command:
bin/kc.[sh|bat] start --log-console-output=json
bin/kc.[sh|bat] start --log-console-output=jsonExample Log Message
{"timestamp":"2022-02-25T10:31:32.452+01:00","sequence":8442,"loggerClassName":"org.jboss.logging.Logger","loggerName":"io.quarkus","level":"INFO","message":"Keycloak 18.0.0-SNAPSHOT on JVM (powered by Quarkus 2.7.2.Final) started in 3.253s. Listening on: http://0.0.0.0:8080","threadName":"main","threadId":1,"mdc":{},"ndc":"","hostName":"host-name","processName":"QuarkusEntryPoint","processId":36946}
{"timestamp":"2022-02-25T10:31:32.452+01:00","sequence":8442,"loggerClassName":"org.jboss.logging.Logger","loggerName":"io.quarkus","level":"INFO","message":"Keycloak 18.0.0-SNAPSHOT on JVM (powered by Quarkus 2.7.2.Final) started in 3.253s. Listening on: http://0.0.0.0:8080","threadName":"main","threadId":1,"mdc":{},"ndc":"","hostName":"host-name","processName":"QuarkusEntryPoint","processId":36946}
When using JSON output, colors are disabled and the format settings set by --log-console-format will not apply.
To use unstructured logging, enter the following command:
bin/kc.[sh|bat] start --log-console-output=default
bin/kc.[sh|bat] start --log-console-output=defaultExample Log Message:
2022-03-02 10:36:50,603 INFO [io.quarkus] (main) Keycloak 18.0.0-SNAPSHOT on JVM (powered by Quarkus 2.7.2.Final) started in 3.615s. Listening on: http://0.0.0.0:8080
2022-03-02 10:36:50,603 INFO [io.quarkus] (main) Keycloak 18.0.0-SNAPSHOT on JVM (powered by Quarkus 2.7.2.Final) started in 3.615s. Listening on: http://0.0.0.0:808013.3.4. Colors
Colored console log output for unstructured logs is disabled by default. Colors may improve readability, but they can cause problems when shipping logs to external log aggregation systems. To enable or disable color-coded console log output, enter following command:
bin/kc.[sh|bat] start --log-console-color=<false|true>
bin/kc.[sh|bat] start --log-console-color=<false|true>13.4. File logging
As an alternative to logging to the console, you can use unstructured logging to a file.
13.4.1. Enable file logging
Logging to a file is disabled by default. To enable it, enter the following command:
bin/kc.[sh|bat] start --log="console,file"
bin/kc.[sh|bat] start --log="console,file"
A log file named keycloak.log is created inside the data/log directory of your Keycloak installation.
13.4.2. Configuring the location and name of the log file
To change where the log file is created and the file name, perform these steps:
Create a writable directory to store the log file.
If the directory is not writable, Red Hat build of Keycloak will start correctly, but it will issue an error and no log file will be created.
Enter this command:
bin/kc.[sh|bat] start --log="console,file" --log-file=<path-to>/<your-file.log>
bin/kc.[sh|bat] start --log="console,file" --log-file=<path-to>/<your-file.log>Copy to Clipboard Copied! Toggle word wrap Toggle overflow
13.4.3. Configuring the file handler format
To configure a different logging format for the file log handler, enter the following command:
bin/kc.[sh|bat] start --log-file-format="<pattern>"
bin/kc.[sh|bat] start --log-file-format="<pattern>"See Section 13.3.1, “Configuring the console log format” for more information and a table of the available pattern configuration.
13.5. Relevant options
| Value | |
|---|---|
|
CLI: |
|
|
CLI: | (default) |
|
CLI: |
|
|
CLI: | (default) |
|
CLI: | (default) |
|
CLI: |
|
|
CLI: | (default) |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}