Disabling Logging settings in Access Gateway Advanced Options does NOT stop debug logging to files

  • 7015149
  • 06-Jun-2014
  • 06-Jun-2014


NetIQ Access Manager 3.2
NetIQ Access Manager 4.0
NetIQ Access Manager Access Gateway debug Advanced Options enabled


Administrator enabled Access GAteway debug options to troubleshoot an issue with NetIQ technical support. After grabbing the required info, the debug options were removed. Despite updating the server successfully, the debug log files on the Access Gateway continued to grow to the point where file system warnings started to appear as the server was low on disk space.

The problem could be duplicated internally using the following steps:

a) enable the following advanced options for the AG

LogLevel info
DumpHeaders on
DumpResponseHeaders on
DumpHeadersFacility local6
DumpResponseHeadersFacility local6
DumpSoapMessages on
DumpSoapMessagesFacility local5

b) verify that the soapmessages, httpheaders and error_log file are written
with debug level info

c) Change the settings to be the following:

LogLevel warn
#DumpHeaders on
#DumpResponseHeaders on
#DumpHeadersFacility local6
#DumpResponseHeadersFacility local6
#DumpSoapMessages on
#DumpSoapMessagesFacility local5

d) apply the update until AG status is success

e) browse to any protected resources on that AG and verify that the httpheaders
and soapmessages files are being written to still. The error_log file appears
to be writing the correct info and working fine.


Apply NAM 4.0 SP1.


Because of graceful restart change added to Apache in NAM 3.2 SP2, the dump headers flag were not 
reset after removing the advanced options. With the NAM 4.0 SP1 change, the code is removed from the
core httpd code and added into mod_novell_ag, which is reset correctly with updates.