Trace / Debug logging
Enable debug logging | Bitbucket Data Center 9.3 | Atlassian Documentation See also: Audit logging and Kerberos diagnostics logging
General DEBUG logging
In rare cases, you may sometimes want to enable TRACE
or DEBUG
logging for Kantega SSO, usually while working with support. Usually, the DEBUG
log level gives a higher level of detail for a certain configuration, while the TRACE
level log is needed to monitor all details of a login flow.
Jira and Confluence both provide a user interface for temporarily adding TRACE
log categories. For the other Atlassian applications you will need to edit the log configuration files and restart the instance, or use a third party addon, for example Advanced Logging for Bitbucket.
Bitbucket
Read about logging in Bitbucket how to enable runtime here:
Enable debug logging | Bitbucket Data Center 9.3 | Atlassian Documentation
One example following the guide above to create curl call to enable logging runtime for org.kantega.atlaskerb
is (remember to replace username/password and server-name to your values):
curl -u adminusername:password -v -X PUT -d "" -H "Content-Type: application/json" https://bitbucketserver.example.com/rest/api/latest/logs/logger/org.kantega.atlaskerb/trace
Most of the K-SSO debug logging you get by logging the package: org.kantega.atlaskerb
If you want audit logging for Kantega SSO enabled add: com.kantegasso.AuditLog
To enable debug logging for SCIM also add Class/Package Name: com.ksso.scim
To enable debug logging for SAML, add no.kantega.saml
Alternatively if you want this more permanent, add the following line three your bitbucket.properties
file:
logging.logger.org.kantega.atlaskerb=TRACE
logging.logger.com.ksso.scim=TRACE
logging.logger.no.kantega.saml=TRACE
Also audit logging (see above) may be relevant to enable to get details on all activities. The debug output will be written to the atlassian-bitbucket.log file.
Confluence
Go to the page Logging and Profiling https://<your-confluence-address>/admin/viewlog4j.action
Then input in Class/Package Name value: org.kantega.atlaskerb
If you want audit logging enabled that also gives some details also add Class/Package Name: com.kantegasso.AuditLog
To enable debug logging for SCIM also add Class/Package Name: com.ksso.scim
To enable debug logging for SAML, add no.kantega.saml
For New Level select: TRACE
Press the Add entry button.
Then you can perform the activity you experience to not work as expected. The TRACE
logging will stay on until the next restart of Confluence or until you turn it off again manually on the page. The debug output will be written to the atlassian-confluence.log file.
Jira
Go to the URL https://<your-jira-address>/secure/admin/ViewLogging.jspa
On this page press the link: Logging and profiling.
Then add the following logging (see image below).
Package name: org.kantega.atlaskerb
If you want audit logging enabled that also gives some details also add Package Name: com.kantegasso.AuditLog
If you want debug logging for SCIM also add Package Name: com.ksso.scim
To enable debug logging for SAML, add no.kantega.saml
Logging level: TRACE
Then you can perform the activity you experience to not work as expected. The TRACE
logging will stay on until the next restart of Jira or until you turn it off again manually on the page. Turn off logging after troubleshooting to avoid noise in the logs. The debug output will be written to the atlassian-jira.log file.
If you need additional help understanding the logs, please post us a support query and attach the log file.
Bamboo
Go to Bamboo administration > System -> Log settings. Then add a new entry with the package name org.kantega.atlaskerb
for "Classpath" and choose TRACE as "Type". You should then see log messages of Kantega SSO with severity TRACE either in your Bamboo Server log (BAMBOO_HOME/logs/atlassian-bamboo.log) or in the Remote Agent server log.