Sunday, November 3, 2013

Weblogic Logs analysis -II


Weblogic log analysis part-I
Configuring Server Logging: Advanced
Logger severity properties: Specify the severity level for any specific loggers for which you want to override the setting for the root Logger or its closest parent node in the logger tree. You can also specify severity levels for packages (if using the Commons Logging API) or for individual WebLogic Server subsystem Loggers (if using the Message Catalog Logger). For WebLogic Server components, the subsystem name is the logger name.
Logging implementation: Specifies whether the server logging is based on a log4j implementation. By default, Oracle WebLogic Server logging uses an implementation based on the Java Logging APIs that are part of the Java Development Kit (JDK).
Severity level: Specifies the minimum severity of log messages that are to be written to the server log file. By default, all messages go to the log file.
Filter: Specifies the filter configuration for the server log file. A filter configuration defines simple filtering rules to limit the volume of log messages written to the log file.
Redirect stdout logging enabled: When enabled, redirects the standard out of the JVM in which an Oracle WebLogic Server instance runs to the WebLogic logging system
Stdout Severity Level: Specifies the minimum severity of log messages going to standard out. Messages with a severity lower than the specified value are not published to standard out.





Domain Log Severity Level: Specifies the minimum severity of log messages going to the domain log from this server’s log broadcaster. Messages with a severity lower than the specified value are not published to the domain log.
Buffer size: Specifies the size of the buffer for the log messages that are sent to the domain log as a batch. The buffer is maintained on the managed server and is broadcast to the domain log when it gets full.



HTTP Access Logs
 HTTP logging configuration options. Use this page to configure HTTP logging for the server. By default, HTTP logging is enabled and the server saves HTTP requests in a separate log file; it does not store HTTP requests in the server log file or the domain log file. If you use another HTTP server such as Oracle HTTP Server or Apache, disable the logging here.
A sample of the HTTP access log file:
[user@wls-sysadm]$ cd /u01/app/oracle/user_projects/domains/MedRecDomain/servers/MedRecSvr3/logs
[user@wls-sysadm]$ more access.log
192.168.0.1 - - [12/May/2009:21:33:47] "GET /benefits HTTP/1.1" 302 259
192.168.0.1 - - [12/May/2009:21:33:47] "GET /benefits/ HTTP/1.1" 200 5813
192.168.0.1 - - [12/May/2009:21:33:51] "POST /benefits/servlet HTTP/1.1" 200 681
192.168.0.1 - - [12/May/2009:21:33:53] "GET /benefits/welcome.html HTTP/1.1" 200 5813
192.168.0.1 - - [12/May/2009:21:34:42] "GET /benefits HTTP/1.1" 302 259
192.168.0.1 - - [12/May/2009:21:34:44] "POST /benefits/servlet HTTP/1.1" 200 265
 
Apache Commons Logging API
Application developers who want to use the WebLogic Server message catalogs and logging services as a way for their applications to produce log messages must know XML and the Java APIs. Many developers and system administrators use log4j, which is a predecessor to the Java Logging APIs. Log4j is an open source tool developed for putting log statements in your application. The log4j Java logging facility was developed by the Jakarta Project of the Apache Foundation.
The Jakarta Commons Logging APIs provide an abstraction layer that insulates users from the underlying logging implementation, which can be log4j or Java Logging APIs. WebLogic Server provides an implementation of the Commons LogFactory interface, letting you issue requests to the server Logger using this API. When developers use this, their applications can issue messages that are sent to wherever WebLogic is sending its messages (either JDK or log4j), so your application logs appear integrated with the WebLogic Server logs.


Using the Console to View Logs
1.  In the left pane of the console, expand Diagnostics and select Log Files.
2.  In the Log Files table, select the option button next to the name of the log that you want to view.
3.  Click View.
4.  The page displays the latest contents of the log fileup to 500 messages in reverse chronological order. The messages at the top of the window are the most recent messages that the server has generated. Optionally, select the option button next to any log message and click View to see its full details.
The log viewer does not display messages that have been rotated into the archive log files.







Message Attributes
When an Oracle WebLogic Server instance writes a message to the server log file, the first line of each message begins with #### followed by the message attributes. Each attribute is contained between angle brackets. The following is an example of a message in the server log file:
####<Sept 22, 2004 10:46:51 AM EST> <Notice> <WebLogicServer> <MyComputer> <examplesServer> <main> <<WLS Kernel>> <> <null> <1080575211904> <BEA-000360> <Server started in RUNNING mode>
In this example, the message attributes are Locale-formatted Timestamp, Severity, Subsystem, Machine Name, Server Name, Thread ID, User ID, Transaction ID, Diagnostic Context ID, Raw Time Value, Message ID, and Message Text.
If a message is not logged within the context of a transaction, the angle brackets for the Transaction ID are present even though no Transaction ID is present. If the message includes a stack trace, the stack trace is included in the message text.
When an Oracle WebLogic Server instance writes a message to standard out, the output does not include the #### prefix and does not include the Server Name, Machine Name, Thread ID, User ID, Transaction ID, Diagnostic Context ID, and the Raw Time Value fields:
<Sept 22, 2004 10:51:10 AM EST> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>




Message Severity
Each log message has an associated severity level. The level gives a rough guide to the importance and urgency of a log message. Oracle WebLogic Server has predefined severities, ranging from TRACE to EMERGENCY, which are converted to a log level when dispatching a log request to the logger. By default, servers forward only messages of the severity level NOTICE or higher. Although you can modify the set of messages that are forwarded, servers can never forward messages of the DEBUG severity level.
The Oracle WebLogic Server subsystems generate many messages of lower severity and fewer messages of higher severity. For example, under normal circumstances, they generate many INFO messages and no EMERGENCY messages.






 
Message Catalog Using the Web
The screenshot shows the first page of the message catalog index. Use the WLS online message catalogs to obtain more information about a specific log message ID.
For a detailed description of the log messages in the Oracle WebLogic Server message catalogs, see Oracle WebLogic Server Message Catalogs in the online documentation. This index of messages describes all the messages generated by the Oracle WebLogic Server subsystems and provides a detailed description of the error, a possible cause, and a recommended action to avoid or fix the error.