Log messages and log filters

This article describes log messages and how to set log filters in Nexus OCSP Responder.

Log messages

A log message has two features: message class and severity.

Message class

The following message classes exist:

• oper

  • Short for operational

  • Typical messages: service shutting down, responder up and running, revocation information updated, etc.

• trace

  • Detailed information about what is happening in the system on a component level.

  • Typical messages: downloaded CRL from url, CRL/CIL was received, validated certificate X etc. (Mainly used by developers)

• audit

  • Information about:

    • received CILs/CRLs (denoted as audit.pkiStateAltered)

    • incoming/outgoing queries and responses from clients (denoted as audit.ocspQuery and audit.ocspResponse).

• billing

  • Billing information. 

Message severity

The severity of the log message is a positive integer (1, 2, 3,...). For message class oper, the following aliases exist:

info = 1
notice = 2
warning = 3
error = 4
critical = 5

Log filters

Statements

A log filter is created by these statements:

• class = class

• severity = severity

• severity < severity

• severity > severity

The statements can be grouped together with the operands & (and) and | (or).

& takes precedence over |. Parenthesis are not supported.

Example on filter settings

The log filter:

class=oper | class="trace" & severity>10

will be evaluated as:

(class=oper) or (class=trace and severity>10)

and will log all operational messages plus trace messages with severity higher than 10.

If no log filter is given, the default filter is:

class=oper | class="audit" | class="billing"

To exclude certain classes of messages, a filter like this can be used:

! class = trace & ! class = profile