How to Manage WildFly Logging: Access Log, Audit Log, Log Levels and More

As a server administrator, monitoring and analyzing your application's performance is crucial to ensure its optimal performance. WildFly, an open-source Java-based application server, provides several built-in logging features that allow you to keep track of your server's activity and debug potential issues.

In this article, we will discuss WildFly's logging capabilities and how you can optimize them to enhance your server's performance. We will cover topics such as WildFly access log, audit log, debug logging, changing log levels, and more.

WildFly Server Log Directory

The JBoss server.log file is a default log file in WildFly. By default, WildFly stores its logs in the "jboss.server.log.dir" directory. If you need to change the default log directory, you can set a new path in the standalone.xml configuration file.

To change the default log directory in WildFly, you need to modify the standalone.xml file, which is located in the configuration directory of your WildFly installation.

Here are the steps to change the default log directory in WildFly:

Navigate to the WildFly installation directory and locate the "standalone.xml" file in the "standalone/configuration" directory.
Open the standalone.xml file in a text editor.
Search for the "logging" subsystem configuration by using the search functionality in your text editor.
Within the "logging" subsystem configuration, locate the "file-handler" element that defines the file handler for the default log file. It should look like this:


<file-handler name="server-log" autoflush="true">
  <level name="INFO"/>
  <formatter>
    <named-formatter name="PATTERN"/>
  </formatter>
  <file relative-to="jboss.server.log.dir" path="server.log"/>
</file-handler>

To change the default log directory, modify the "relative-to" attribute of the "file" element to the desired directory path. For example, if you want to change the default log directory to "/opt/logs/", modify the "file" element as follows:


<file relative-to="jboss.server.log.dir" path="/opt/logs/server.log"/>

Save the changes to the standalone.xml file and restart the WildFly server to apply the changes. After restarting the server, WildFly will use the new log directory for the default log file instead of the default "jboss.server.log.dir" directory.

WildFly Access Log

The access log records information about HTTP requests made to your server, including the request method, URL, and response code. It can help you to analyze your server's traffic patterns and identify potential security issues. To enable the access log, you need to configure the Undertow subsystem in the standalone.xml file.

To enable access logging in WildFly, you need to configure the Undertow subsystem in the WildFly configuration file (standalone.xml or domain.xml).

1. Open the WildFly configuration file (standalone.xml or domain.xml) in a text editor.
2. Locate the Undertow subsystem configuration in the XML file. It should look like this:


<subsystem xmlns="urn:jboss:domain:undertow:10.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default">
   <buffer-cache name="default"/>
   <server name="default-server">
      <http-listener name="default" socket-binding="http" redirect-socket="https"/>
      <host name="default-host" alias="localhost">
         <location name="/" handler="welcome-content"/>
         <filter-ref name="server-header"/>
         <filter-ref name="x-powered-by-header"/>
      </host>
   </server>
</subsystem>

Add the following configuration within the element


<host name="default-host" alias="localhost">
   ...
   <access-log pattern="%h %l %u %t "%r" %s %b %D" prefix="access" suffix=".log"/>
</host>

This configuration enables access logging for the default-host and uses the specified access log format pattern. The log files will be named access.log and stored in the WildFly server's log directory.

Save the configuration file and restart WildFly for the changes to take effect. Now access logging is enabled in WildFly, and you can check the log files to view the HTTP access logs.

WildFly Access Log Pattern

The access log pattern specifies the format of the access log file. WildFly provides several predefined access log patterns, such as "common" and "combined," or you can create a custom pattern to suit your needs. You can configure the access log pattern in the Undertow subsystem configuration.

To configure the Access Log in WildFly, you need to specify a log pattern, which defines the format of the log entries. The log pattern is a string that contains placeholders for various attributes of the HTTP request and response. Here are some of the commonly used placeholders in WildFly Access Log pattern:

%h: The remote host IP address.
%l: The identity of the user, usually "-", as WildFly does not support user authentication by default.
%u: The username of the authenticated user, if available.
%t: The date and time of the request, in Common Log Format (CLF).
%r: The first line of the request, containing the HTTP method, URI, and protocol version.
%s: The status code returned to the client.
%b: The number of bytes sent in the response, excluding headers.
%{i}n: The value of the HTTP request header "n".
%{o}n: The value of the HTTP response header "n".

For example, the following log pattern will generate an Access Log entry in the CLF format, including the remote host IP address, the date and time, the HTTP method and URI, the status code, and the number of bytes sent in the response:

%h %l %u %t "%r" %s %b

If you want to include custom HTTP headers in the Access Log, you can use the %{i}n and %{o}n placeholders, where "n" is the name of the header. For example, to log the value of the "User-Agent" header in the request and response, you can use the following log pattern:

%h %l %u %t "%r" %s %b "%{i}User-Agent" "%{o}User-Agent"

The WildFly Access Log pattern is a flexible way to customize the format of the server's log entries, and it can be used to log various attributes of HTTP requests and responses.

By analyzing the Access Log, you can gain insights into the server's performance, troubleshoot issues, and improve the user experience.

WildFly Audit Log

The audit log records security-related events, such as login attempts, authentication failures, and role-based access control events. Enabling the audit log can help you to identify potential security breaches and ensure compliance with security policies. You can configure the audit log in the standalone.xml file.

WildFly Change Log Level

Changing the log level allows you to control the amount of detail recorded in the log files. WildFly provides several log levels, such as "INFO," "DEBUG," and "TRACE," each with increasing levels of detail. To change the log level, you need to modify the logging subsystem configuration in the standalone.xml file.

WildFly Debug Logging

Debug logging records detailed information about your server's internal operations, such as method calls and variable values. Enabling debug logging can be useful for debugging complex issues but can also generate a large amount of log data. To enable debug logging, you need to modify the logging subsystem configuration in the standalone.xml file.

WildFly Enable Debug Logging

To enable debug logging, you need to set the log level to "DEBUG" or "TRACE" and specify the relevant logger categories in the logging subsystem configuration. You can also enable debug logging for specific modules or applications by configuring the logging properties in their respective configuration files.

In conclusion, WildFly provides several powerful logging capabilities that can help you to monitor and analyze your server's performance. By configuring the log levels, access logs, and audit logs, you can optimize your server's performance and ensure its security.

So, make sure to configure your WildFly server's logging to get the best performance and insights.