DockerのKeycloakのログファイル設定変更方法の調査


Amazon Linux2

# Fetch the Keycloak Dockerfiles and move into the server image directory.
# NOTE(review): this clones the default branch as-is. For a reproducible image
# build, check out a reviewed tag or commit (<TAG_OR_COMMIT>) before building.
git clone https://github.com/jboss-dockerfiles/keycloak.git keycloak
cd keycloak/server

# Open the logging CLI script that the rest of this page modifies.
vi tools/cli/loglevel.cli
loglevel.cli変更前
# Create the org.keycloak log category and set its level from the
# KEYCLOAK_LOGLEVEL environment variable (INFO when the variable is unset).
/subsystem=logging/logger=org.keycloak:add
/subsystem=logging/logger=org.keycloak:write-attribute(name=level,value=${env.KEYCLOAK_LOGLEVEL:INFO})

# Root logger level comes from ROOT_LOGLEVEL (INFO when unset).
/subsystem=logging/root-logger=ROOT:change-root-log-level(level=${env.ROOT_LOGLEVEL:INFO})

# Detach the FILE handler from the root logger and delete it. After these two
# operations this script leaves no file handler attached to the root logger.
/subsystem=logging/root-logger=ROOT:remove-handler(name="FILE")
/subsystem=logging/periodic-rotating-file-handler=FILE:remove

# Clear the level on the CONSOLE handler so the handler itself no longer
# filters records by level.
/subsystem=logging/console-handler=CONSOLE:undefine-attribute(name=level)

アクセスログ有効化
管理監査ロギング有効化
イベントログ設定

loglevel.cli変更後
# Create the org.keycloak log category and set its level from the
# KEYCLOAK_LOGLEVEL environment variable (INFO when the variable is unset).
/subsystem=logging/logger=org.keycloak:add
/subsystem=logging/logger=org.keycloak:write-attribute(name=level,value=${env.KEYCLOAK_LOGLEVEL:INFO})

# Root logger level comes from ROOT_LOGLEVEL (INFO when unset).
/subsystem=logging/root-logger=ROOT:change-root-log-level(level=${env.ROOT_LOGLEVEL:INFO})

# Detach the default FILE handler from the root logger and delete it; the
# size-rotating handlers added further down replace it.
/subsystem=logging/root-logger=ROOT:remove-handler(name="FILE")
/subsystem=logging/periodic-rotating-file-handler=FILE:remove

# Clear the level on the CONSOLE handler so the handler itself no longer
# filters records by level.
/subsystem=logging/console-handler=CONSOLE:undefine-attribute(name=level)

# Enable the HTTP access log (Undertow), with every attribute left at its default.
# NOTE(review): with defaults, Undertow presumably writes its own access log
# file under jboss.server.log.dir. The ACCESSLOG logging handler below also
# targets access_log.log in that directory; confirm the two writers do not end
# up sharing one file.
/subsystem=undertow/server=default-server/host=default-host/setting=access-log:add

# Enable management audit logging (a record of management operations).
# NOTE(review): the transcript on this page lists audit-log.log under
# standalone/data, i.e. outside the log directory used by the handlers below;
# include that path in log collection and retention as well.
/core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)

# Keycloak event category at DEBUG.
# NOTE(review): at DEBUG this category presumably includes successful login
# events with user and client identifiers and source IP addresses; treat the
# resulting files as sensitive (restricted read access, defined retention).
/subsystem=logging/logger=org.keycloak.events:add
/subsystem=logging/logger=org.keycloak.events:write-attribute(name=level,value=DEBUG)
# EVENTLOG: size-rotating file handler writing events.log under
# jboss.server.log.dir, accepting records at DEBUG and above.
/subsystem=logging/size-rotating-file-handler=EVENTLOG:add(file={path=events.log,relative-to=jboss.server.log.dir})
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=level,value=DEBUG)
# Rotate at 10M and keep 5 backups; anything older is discarded, so ship the
# file off-host if events are needed for investigations beyond that window.
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=rotate-size, value=10M)
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=max-backup-index, value=5)
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=append,value=true)
# Pattern: timestamp, level, category, thread, message, exception. The "\:"
# escapes are stored as plain colons (see the read-resource output on this page).
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=formatter,value="%d{yyyy-MM-dd HH\:mm\:ss,SSS} %-5p [%c] (%t) %s%e%n")
/subsystem=logging/size-rotating-file-handler=EVENTLOG:write-attribute(name=autoflush,value=true)
# NOTE(review): the handler is attached to the ROOT logger, not to
# org.keycloak.events, so events.log receives every record that reaches the
# root logger at the handler's level, not only Keycloak events. For an
# events-only file, attach the handler to the org.keycloak.events logger instead.
/subsystem=logging/root-logger=ROOT:add-handler(name=EVENTLOG)

# ACCESSLOG: same handler shape as EVENTLOG, writing access_log.log at INFO.
# NOTE(review): this is a logging-subsystem handler on the ROOT logger, so it
# receives ordinary server log records at INFO and above; it is not the
# Undertow access log itself.
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:add(file={path=access_log.log,relative-to=jboss.server.log.dir})
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=level,value=INFO)
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=rotate-size, value=10M)
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=max-backup-index, value=5)
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=append,value=true)
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=formatter,value="%d{yyyy-MM-dd HH\:mm\:ss,SSS} %-5p [%c] (%t) %s%e%n")
/subsystem=logging/size-rotating-file-handler=ACCESSLOG:write-attribute(name=autoflush,value=true)
/subsystem=logging/root-logger=ROOT:add-handler(name=ACCESSLOG)

# SERVERLOG: general server log, server.log at INFO, 10M x 5 backups,
# attached to the ROOT logger.
/subsystem=logging/size-rotating-file-handler=SERVERLOG:add(file={path=server.log,relative-to=jboss.server.log.dir})
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=level,value=INFO)
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=rotate-size, value=10M)
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=max-backup-index, value=5)
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=append,value=true)
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=formatter,value="%d{yyyy-MM-dd HH\:mm\:ss,SSS} %-5p [%c] (%t) %s%e%n")
/subsystem=logging/size-rotating-file-handler=SERVERLOG:write-attribute(name=autoflush,value=true)
/subsystem=logging/root-logger=ROOT:add-handler(name=SERVERLOG)
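# Build the image from the current directory (server/), which contains the
# edited tools/cli/loglevel.cli.
docker build -t keycloak-log .

# Require a caller-supplied admin password instead of the admin/admin pair:
# the admin console is reachable through the published port, so a guessable
# default must never be used. Exporting the variable lets `-e KEYCLOAK_PASSWORD`
# below pass it through without the value appearing on the docker command line
# (shell history, process list). It is still visible in the container
# environment via `docker inspect`, so keep this to test setups.
: "${KEYCLOAK_PASSWORD:?export a non-default KEYCLOAK_PASSWORD before starting the container}"
export KEYCLOAK_PASSWORD

# Start the container. The port is published on the loopback address only,
# which is all this walk-through needs (it browses http://localhost:18080/);
# a bare `-p 18080:8080` would listen on every host interface.
docker run -d -p 127.0.0.1:18080:8080 \
             -e KEYCLOAK_USER=admin \
             -e KEYCLOAK_PASSWORD \
             --name keycloak \
             keycloak-log:latest

# Open an interactive shell inside the running container.
docker exec -it keycloak bash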

# ログ確認
[root@17525ee68503 jboss]# ls ./keycloak/standalone/data | grep audit-log.log
audit-log.log
audit-log.log2019-08-27_133654
audit-log.log2019-08-27_133947

# 確認
[root@17525ee68503 jboss]# ./keycloak/bin/jboss-cli.sh --connect --commands="/subsystem=logging/size-rotating-file-handler=ACCESSLOG:read-resource"

{
    "outcome" => "success",
    "result" => {
        "append" => true,
        "autoflush" => true,
        "enabled" => true,
        "encoding" => undefined,
        "file" => {
            "relative-to" => "jboss.server.log.dir",
            "path" => "access_log.log"
        },
        "filter" => undefined,
        "filter-spec" => undefined,
        "formatter" => "%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n",
        "level" => "INFO",
        "max-backup-index" => 5,
        "name" => "ACCESSLOG",
        "named-formatter" => undefined,
        "rotate-on-boot" => false,
        "rotate-size" => "10M",
        "suffix" => undefined
    }
}

[root@17525ee68503 jboss]# ./keycloak/bin/jboss-cli.sh --connect --commands="/subsystem=logging/size-rotating-file-handler=EVENTLOG:read-resource"

{
    "outcome" => "success",
    "result" => {
        "append" => true,
        "autoflush" => true,
        "enabled" => true,
        "encoding" => undefined,
        "file" => {
            "relative-to" => "jboss.server.log.dir",
            "path" => "events.log"
        },
        "filter" => undefined,
        "filter-spec" => undefined,
        "formatter" => "%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n",
        "level" => "DEBUG",
        "max-backup-index" => 5,
        "name" => "EVENTLOG",
        "named-formatter" => undefined,
        "rotate-on-boot" => false,
        "rotate-size" => "10M",
        "suffix" => undefined
    }
}

./keycloak/bin/jboss-cli.sh --connect --commands="/subsystem=logging/size-rotating-file-handler=SERVERLOG:read-resource"

{
    "outcome" => "success",
    "result" => {
        "append" => true,
        "autoflush" => true,
        "enabled" => true,
        "encoding" => undefined,
        "file" => {
            "relative-to" => "jboss.server.log.dir",
            "path" => "server.log"
        },
        "filter" => undefined,
        "filter-spec" => undefined,
        "formatter" => "%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n",
        "level" => "INFO",
        "max-backup-index" => 5,
        "name" => "SERVERLOG",
        "named-formatter" => undefined,
        "rotate-on-boot" => false,
        "rotate-size" => "10M",
        "suffix" => undefined
    }
}

# ブラウザでhttp://localhost:18080/にアクセス
[root@17525ee68503 jboss]# ls ./keycloak/standalone/log
access_log.log  audit.log  events.log  server.log

ロガーを設定してみる
WildFlyでアクセスログを有効化する
3.7. 管理監査ロギング
12. JBoss EAP を用いたロギング