Environment
NetIQ Access Manager 3.1
NetIQ Access Manager 3.1 Support Pack 5 applied
NetIQ Access Manager 3.1 Access Gateway Service running on Linux
NetIQ Access Manager 3.1 Support Pack 5 applied
NetIQ Access Manager 3.1 Access Gateway Service running on Linux
Situation
After upgrading the Access Gateway Service (AGS) from 3.1.4 to 3.1.5, the proxy HTTP logs are created in
/var/log/novell-apache2/ instead of
/var/log/novell/reverse/[proxyname]. Looking at the configuration files for the problem proxy services (/etc/opt/novell/apache2/conf/vhosts.d/), we could clearly see that the configuration was defined incorrectly with the wrong paths. For example, the following CustomLog entry shows the /var/log/novell-apache2/ path:
The correct path should have been like the following entry with /var/log/novell/reverse/web01/web01-web01c ...
LogFormat "%t - %h - %<u %A %U %s %I \"%{Content-Range}o\" \"%{ETag}o\" %X \"%{Cache-Control}o\" \"%{Range}o\" \"%{If-Range}o\" %B \"%{Pragma}i\" \"%{Pragma}o\"" web01-web01c
CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell/reverse/web01/web01-web01c.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" web01-web01c env=web01c
LogFormat "%t - %h - %<u %A %v %m %U %U %q \"%r\" %>s %O %I %D
\"%{user-agent}i\" \"%{IPCZQX0}C\" \"%{referer}i\" - %a
\"%{BALANCER_WORKER_IP}e\" \"%{x-forward-for}i\" %s %I \"%{Content-Range}o\"
\"%{ETag}o\" %X \"%{Cache-Control}o\" \"%{Range}o\" \"%{If-Range}o\" %B
\"%{Pragma}i\" \"%{Pragma}o\"" srv2-srv2
CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell-apache2/srv2-srv2.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" srv2-srv2 env=srv2
CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell-apache2/srv2-srv2.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" srv2-srv2 env=srv2
The correct path should have been like the following entry with /var/log/novell/reverse/web01/web01-web01c ...
LogFormat "%t - %h - %<u %A %U %s %I \"%{Content-Range}o\" \"%{ETag}o\" %X \"%{Cache-Control}o\" \"%{Range}o\" \"%{If-Range}o\" %B \"%{Pragma}i\" \"%{Pragma}o\"" web01-web01c
CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell/reverse/web01/web01-web01c.extended.log.%Y-%m-%d-%H_%M_%S\" 86400 540" web01-web01c env=web01c
Resolution
Manually verify that the valid path where the HTTP log entries should exist is actually there. It appears that if the Proxy cannot write the logs to /var/logs/novell/reverse
it will instead write them to /var/logs/novell-apache2.
When we applied 3.1.5, it failed to write the logs if
/var/logs/novell/reverse/[proxy] did not exist, so we had to create that
folder manually.Make sure that the permissions for the directories are set to the following too:
chmod 770 /var/log/novell
chown novlwww:novlwww /var/log/novell
chmod 755 /var/log/novell/reverse
chown novlwww:novlwww /var/log/novell/reverse
chmod 755 /var/log/novell/reverse/*
chown novlwww:novlwww /var/log/novell/reverse/*
/etc/init.d/novell-tomcat5 restart
chown novlwww:novlwww /var/log/novell
chmod 755 /var/log/novell/reverse
chown novlwww:novlwww /var/log/novell/reverse
chmod 755 /var/log/novell/reverse/*
chown novlwww:novlwww /var/log/novell/reverse/*
/etc/init.d/novell-tomcat5 restart