Server Logs
HYPR and underlying dependencies produce their own logs
The following table assumes that HYPR is installed in the /opt/hypr
directory. If that's not the case, replace /opt/hypr
with your <install dir>
HYPR
Debug
/opt/hypr/logs/ControlCenter.log
- Fine grained application sever log driven by Java log4j logging framework
- Includes trace Ids for co-relating log lines belonging to a request
- Granularity and location can be customized via a custom log4j file
- Recommended for lower level troubleshooting when the cause is not obvious from error codes
Example

Events
/opt/hypr/logs/ControlCenterEvents.log
- Pre-defined, high level events indicating milestones in request processing are logged
- Structured log containing data in key=value format. Format is supported by log aggregators such as Slunk and Datadog
- Recommended for driving monitoring/analytics such as successful logins, failed logins, admin activity and such
Example

The key(s) in key=value pairs follow cameCase and are standardized. The most common keys are listed below.
Key | Description |
---|---|
isSuccessful | Flag indication the success/failure of this event |
eventName | Pre-defined event name |
rpAppId | Id of the application defined via ControlCenter |
machineId | Id of the entity requesting authentication. Typically a website or a workstation |
machineUserName | Handle to identify the user in the real world - example: corporate email, employee Id etc |
deviceId | Id for the mobile device (90%) or another hardware device (Yubi key) which stores the private key/authenticator - does the authentication |
traceId | Trace id of the request which can be cross referenced with the ControlCenter.log. This provides detailed logs for all processing related to this event |
API response time
/opt/hypr/logs/api-access.log
- Log of execution time for each http request processed
- Log line is added for each http request processed
- Can be used to graph request processing times on monitoring dashboards
Example

Customizing logging
- HYRR services logging is controlled via the log4j2.xml file
- Default configuration is embedded but can be externalized. The installer ships with the default log4j2.xml for convenience;
CC/log4j2.xml
- To take full control of the logging, you can override the packaged log4j2.xml with a custom config file. Pass the following parameter at the Java command line. This can be done by setting the CC_ADDITIONAL_STARTUP_PARAMS in the
envOverrides.sh
file
export CC_ADDITIONAL_STARTUP_PARAMS="--logging.config=file:/opt/hypr/CC/customLog4j2.xml"
Changing log location
Log file location can be changed by modifying the filename
attribute in the log4j2.xml
<FileName>logs/ControlCenter.log</FileName>
Changing log file format
Format can be changed by modifying the PatternLayout
attribute in the log4j2.xml
See supported layouts for more details
Nginx
/opt/hypr/nginx/nginx-1.16.1/logs/error.log
/opt/hypr/nginx/nginx-1.16.1/logs/access.log
- The location and content of these may be modified in the
nginx/nginx-1.16.1/nginx.1161.conf
file vialog_format
,access_log
anderror_log
directives - See https://docs.nginx.com/nginx/admin-guide/monitoring/logging/ for more info
Vault
/opt/hypr/vault/vault-0.10.3/logs/vault.log
- Default Hashicorp Vault log. Contains high level info on Vault activity. Useful for troubleshooting
- Verbosity of the log may be changed by setting the
VAULT_LOG_LEVEL
env variable in envOverrides.sh. Supported values are trace, debug, info, warn and err - Location may be changed by setting the
VAULT_LOG_DIR
env variable in envOverrides.sh - See https://learn.hashicorp.com/tutorials/vault/troubleshooting-vault#server-log-level for more info
Redis server
/opt/hypr/redis/redis-4.0.13/logs/redis.log
- Contain info on startup/shutdown, configuration warnings and runtime errors
- Verbosity of the log may be changed by setting
loglevel
inredis/redis-4.0.13/redis.[master | slave | sentinel].4013.conf
. Supported values are debug, verbose, notice and warning - Location may be changed by setting the
REDIS_LOG_DIR
env variable in envOverrides.sh
Redis sentinel
/opt/hypr/redis/redis-4.0.13/logs/redis-sentinel.log
- Contain info on the server being monitored by this sentinel, failover activity and runtime errors
- Location may be changed by setting the
REDIS_LOG_DIR
env variable in envOverrides.sh
Updated over 1 year ago