Logging in Nexus Timestamp Server
This article includes updates for Nexus Timestamp Server 2.3.0.
This article describes the format for logging in Nexus Timestamp Server.
By default, Nexus Timestamp Server logs to one main log, and one audit log per timestamp service.
The main log mainly logs error conditions that might need administrator attention, startup and shutdown information as well as debugging entries. See Log settings in Nexus Timestamp Server for how to control different log levels etc.
The audit log logs important timestamp events specific to a certain timestamp service.
Log files location
By default, log files reside under the directory <var>/logs/<year>-<month>- <day>/, where
<year> is a two-digit year indication
<month> is a two digit month indication
<day> is a day-in-month indication
Log files are rotated once a day.
It is recommended that rotated log files (that is, log files no longer active) are deleted or moved to another disk on a regular basis in order to avoid server disk exhaustion.
The main log
Name
The main log is named timestamp.log.
Format
Each log entry is formatted as follows:
Log entry in main log |
---|
|
See this table for a description of the fields:
Field | Description |
---|---|
| The date format is YYYY-MM-DD. |
| The time format is hh:mm:ss.ms. |
| Offset compared to UTC, for example, +0200. |
| The entry level. One of SEVERE, WARNING, INFO, FINE, FINER or FINEST. See Log settings in Nexus Timestamp Server for more details. |
| The log message. When an error occurs and an error code is sent to the application, a corresponding ERROR level entry will be appended to the log. Such an entry will be prefixed with “ |
Entry messages on level SEVERE, WARNING and INFO are single row messages whereas FINE, FINER or FINEST messages might be multiple row messages.
Example
Example of a main log entry:
Example: Main log entry |
---|
|
List of error codes
Error code | Explanation | |
---|---|---|
100 | RESULT OK | |
101 | RESULT VALIDATION | |
Internal server error codes | 200 | INTERNAL ERROR |
201 | CONFIG ERROR | |
Certificate error codes | 210 | CERTIFICATE EXPIRED |
211 | CERTIFICATE SIGNATUREINVALID | |
212 | CA ERROR | |
213 | CERTIFICATE REVOKED | |
214 | ISSUER UNKNOWN | |
215 | CERTIFICATE MISSING | |
216 | CERTIFICATE NOT YET VALID | |
Timestamp decode/encode error codes | 230 | TIMESTAMP DECODING ERROR |
231 | TIMESTAMP FILE READ ERROR | |
NTP manager exception error codes | 300 | NTP GENERAL ERROR |
301 | NTP NO REFERENCE CLOCK | |
302 | NTP NO TIMESTAMP CLOCK |
Audit log format
The audit logs are row oriented, which means that every log entry is contained in one single row. Every timestamp service has its own audit log.
Each row is formatted as follows:
Log entry in audit log |
---|
|
See this table for a description of the fields:
Field | Description |
---|---|
| The date format is YYYY-MM-DD |
| The time format is hh:mm:ss.ms |
| Offset compared to UTC, e.g. +0200 |
| Always INFO |
| Formatted as |
| Formatted as |
| Should be |
| Who is using this. If nobody is authenticated it will be presenting |
| Represents the client IP address. |
| The actual log message. |
| The hash of this audit line. SHA-1 is used and the hash is calculated from the information of |
| The hash of this and previous audit line. SHA-1 is used and the hash is calculated from the data of the previous line hashvalue ( |
There is a terminal-based tool (called Verify Audit File) included in the Nexus Timestamp Server installation used to verify that the hashline and hash chain are correct. The tool uses a file as input and verifies it. The file can be a part of an audit log or the whole file.
Enter this command in the command line:
VerifyAuditFile audit.txt
The tool will return OK or a message saying which line that is not correct depending on the input file.