Trace log configuration

Internal and WebServiceApplication logging is deactivated by default in Net iD Portal. Customers are responsible for ensuring that access to trace files is restricted according to their internal security policies.

This page describes how to enable and disable trace logging and how to safely configure trace output when trace information is required for troubleshooting.

Trace logging mechanisms

Net iD Portal supports different mechanisms for generating trace information:

Log4net: File-based trace logging configured in service configuration files. Log4net traces all calls within a process and can decrease performance.
Trace Server: File-based trace collection handled by the Generic Service. Trace Server is a module in Net iD Portal Generic Service that receives trace calls asynchronously and saves the traces to local file. This method allows trace logging without the same performance impact as Log4net.

Services and their configuration files

Here are the services that can generate trace file information, and their respective configuration files:

Commander: Commander\SecMaker.NiP.Commander.exe.config
GenericService: GenericService\SecMaker.NiP.GS.exe.config
TimerService: TimerService\SecMaker.NiP.TS.exe.config
WebServiceApplication: WebServiceApplication\Web.config
WebServiceExternal: WebServiceExternal\Web.config

Enable trace logging

Trace logging should only be enabled for troubleshooting and must be disabled after the required information has been collected.

Enable trace logging using Log4net

If Log4net needs to be activated, make sure to redirect the trace files to another directory.

In the configuration files, set the following value:

<log4net threshold="Off"> (1)

1	Off, logging is turned off All, logging is turned on. See log4net documentation for other threshold levels.

Redirect trace output (Log4net)

In the configuration files, set the value attribute to the full path of your choice:

<param name="File" value="C:\Temp\Trace.txt"/> (1)

1	The full path to the trace file.

Example 1. WebServiceApplication web.config file

This web.config file example comes from the WebServiceApplication service. Note that only the relevant XML elements are shown.

<log4net threshold="Off"> (1)
  <appender name="LogFileAppender" type="log4net.Appender.RollingFileAppender">
    <param name="File" value="C:\Temp\Trace.txt"/> (2)
  </appender>
</log4net>

1	Turns the logging on or off.
2	Sets the full path to the log file.

Enable trace logging using Trace Server

Log in to the Net iD Portal.
Click the Administration tab.
Under General settings, select the Trace server activation.

Redirect trace output (Trace Server)

If Trace Server needs to be activated, redirect the path to the log file.

Log in to the Net iD Portal.
Click the Administration tab.
In the Trace server - Path field, enter the path to the log file folder, for example, C:\Temp\.

Disable trace logging

Disable trace logging after the required trace information has been collected.

Disable trace logging using Log4net

After the required trace information has been collected:

Disable Log4net by following the procedure in Enable trace logging using Log4net and setting the log4net threshold to OFF.
Delete the existing trace files. See Redirect trace output (Log4net) for where the files are located.

Disable trace logging using Trace Server

After the required trace information has been collected:

Disable Trace Server by following the procedure in Enable trace logging using Trace Server.
Delete the existing trace files. See Redirect trace output (Trace Server) for where the files are located.

IIS request filtering

If it is not possible to disable trace logging or redirect the trace files, access to the directories can be restricted using IIS Request Filtering.

Net iD Portal

Add hidden segments:

texts

Net iD Access

Add hidden segments:

texts
config