diff --git a/en/asgardeo/docs/assets/img/guides/actions/action-diagnostics-logs-in-ui.png b/en/asgardeo/docs/assets/img/guides/actions/action-diagnostics-logs-in-ui.png new file mode 100644 index 0000000000..488b1052a7 Binary files /dev/null and b/en/asgardeo/docs/assets/img/guides/actions/action-diagnostics-logs-in-ui.png differ diff --git a/en/asgardeo/docs/guides/asgardeo-logs/diagnostic-logs.md b/en/asgardeo/docs/guides/asgardeo-logs/diagnostic-logs.md index 9527f6dcf1..1b3a1707d6 100644 --- a/en/asgardeo/docs/guides/asgardeo-logs/diagnostic-logs.md +++ b/en/asgardeo/docs/guides/asgardeo-logs/diagnostic-logs.md @@ -4,7 +4,7 @@ Diagnostic logs in Asgardeo are designed to help developers diagnose and trouble ## Access diagnostic logs -To access audit logs: +To access diagnostics logs: 1. On the Asgardeo Console, go to **Log** diff --git a/en/includes/guides/customize/actions/understanding-actions.md b/en/includes/guides/customize/actions/understanding-actions.md index f8ce19751a..af9ae80ea3 100644 --- a/en/includes/guides/customize/actions/understanding-actions.md +++ b/en/includes/guides/customize/actions/understanding-actions.md @@ -136,11 +136,11 @@ The following diagram illustrates the sequence of these steps: ### Responses {{product_name}} expects -Your service must handle the action by responding to the request from WSO2 Identity Server. The JSON payload of your response may include different action statuses and can contain an operations object to indicate state or flow changes. The specifics of these statuses and operations depend on the action type. +Your service must handle the action by responding to the request from {{product_name}}. The JSON payload of your response may include different action statuses and can contain an operations object to indicate state or flow changes. The specifics of these statuses and operations depend on the action type. ### Time out and retry -When WSO2 Identity Server calls an external service, it enforces a default read timeout of five seconds and a connection timeout of two seconds. WSO2 Identity Server will attempt at most one retry for the following HTTP status codes received from your service: +When {{product_name}} calls an external service, it enforces a default read timeout of five seconds and a connection timeout of two seconds. {{product_name}} will attempt at most one retry for the following HTTP status codes received from your service: @@ -182,7 +182,115 @@ Requests will not be retried if the external service responds with HTTP status c ### Troubleshooting -!!! note - Troubleshooting logs are not yet incorporated but are planned for inclusion by end October 2024. +You can use diagnostic logs to capture detailed information during the troubleshooting process. Logs capture requests sent from {{product_name}} to your external action service, track the responses received, and include status and context data for response handling. + +Shown below is an example of a diagnostic log generated during the pre-issue access token action flow, while sending a request from {{product_name}} to the external endpoint. + +{% if product_name == "WSO2 Identity Server" %} +```json +{ + "logId": "582befe9-6114-4362-8fd4-05496e639fb8", + "recordedAt": { + "seconds": 1729488306, + "nanos": 479103000 + }, + "requestId": "d9b5f323-79cb-4a9e-9d84-f83ab7056122", + "resultStatus": "SUCCESS", + "resultMessage": "Call external service endpoint https://myextension.com for Pre Issue Access Token action.", + "actionId": "process-action-request", + "componentId": "action-execution", + "configurations": { + "action id": "0ab318c4-af38-4190-ae41-75f35ecdf7b6", + "action type": "Pre Issue Access Token", + "action endpoint": "https://myextension.com", + "action endpoint authentication type": "BASIC" + }, + "logDetailLevel": "APPLICATION" +} +``` +{%else %} + +![Asgardeo logs]({{base_path}}/assets/img/guides/actions/action-diagnostics-logs-in-ui.png){: width="600" style="display: block; margin: 0; border: 0.3px solid lightgrey;"} + +{%endif %} + +The following table gives an explanation to each property included in the diagnostic log event. + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PropertyDescription
logId +

Unique ID for each log event.

+
recordedAt

Timestamp of log event occurrence.

requestId

Unique ID to correlate the log event to a specific request.

resultStatus

Status of the log event. Either Success or Failed.

resultMessage

Description of the log event.

actionId

ID to identify a specific log event.

componentId

ID to identify the component where the log event was carried out.

configurations

System specific context data relevant to the log event.

input

Parameters given by the user which are applicable during the log event.

+ +{% if product_name == "WSO2 Identity Server" %} + +To enable diagnostic logs in system configurations, you may add the following configurations to the `deployment.toml` file located in the `/repository/conf` directory. + +```toml +[server] +diagnostic_log_mode = "full" +``` +!!!note + `[server]` is already defined in the `deployment.toml` file. So you just need to add the value. +Additionally, you may use system debug logs to capture similar context information mentioned above. You can enable it component wise by following the steps described [here.]({{base_path}}/deploy/monitor/monitor-logs/#enable-logs-for-a-component) + +For an example, your configuration should look like below. + +``` +logger.org-wso2-carbon-identity-action-execution.name=org.wso2.carbon.identity.action.execution +logger.org-wso2-carbon-identity-action-execution.level=DEBUG + +loggers = org-wso2-carbon-identity-action-execution +``` + +!!!note + It is highly recommended to disable both diagnostic logs and system debug logs once troubleshooting is completed as it may expose sensitive information included in responses and requests. + +{%else %} +You may view the diagnostics logs under the logs tab in Asgardeo. [Refer here]({{base_path}}/guides/asgardeo-logs/diagnostic-logs/) to learn more about diagnostic logs in Asgardeo. +{%endif %}