icm/security_log

Use

You can use this parameter to control the output of the security log from the ICM and SAP Web Dispatcher.

Properties

Work area

Internet Communication Manager, SAP Web Dispatcher

Unit

Character string

Standard value

LOGFILE=dev_icm_sec,MAXSIZEKB=500

Dynamically changeable

Local and on all servers

Value Range and Syntax

The parameter has the following syntax:

icm/security_log = PREFIX=<URL prefix>, LOGFILE=<name of log file>, LEVEL=<security level>, MAXSIZEKB=<max. size of log file>, SWITCHTF=<options for new file>, FILEWRAP=on]

This is explained below.

PREFIX

URL prefix that is called for this HTTP subhandler (for example, “/”).(See also Processing HTTP Requests.)

LOGFILE

Name of the output file in the file system. So that you can assign the files meaningful names, use the following options when entering the log file:

%d

Day of the month (1-31)

%m

Month (1-12)

%y

Year, in the format YYYY

%h

Hour (0-23)

%t

Minute (0-59)

%s

Second (0-59)

%%

“%” character

You can also add a timestamp to the file names making them easier to manage.

When setting parameter icm/HTTP/logging_<xx>, if you want to assign the date and time to the file names, you can set the names as follows:

LOGFILE=access_log-%d-%m-%y_%h:%t:%s  

This creates a log file with the name: access_log-15-12-2000_16:51:53

LEVEL

Value range 1-3.

This value indicates the level of detail recorded in the trace.

1

Only the reason for the entry is recorded

2

Additional information about the status of the connection and the start of the data that gave rise to the entry is recorded (this is the default value if LEVEL is not specified)

3

All the data that gave rise to the entry is logged.

MAXSIZEKB

MAXSIZEKB is the maximum size of the log file in kilobytes.

If this size is exceeded, the current file is closed and a new one (with a new name) is opened.

The new file name is unique (this is achieved by specifying time and date fields, see above), or else is made unique by adding “_xx” to the end (where xx is a number increasing from 0).

If FILEWRAP=on was selected, no new file is opened (see below).

SWITCHTF

A new log file can not only be created if the file has reached a certain size, but also when the time data changes:

hour

A new log file is opened every hour   

day

A new log file is opened every day

month

A new log file is opened every month

FILEWRAP

If FILEWRAP=on is active, every time a new file is opened, the existing log file is reset and overwritten. Therefore, there is always only one log file with the current log data.

If you omit this option, once the size has been exceeded a new file is written (see above).

 

You can use on or ON, but you cannot use a mixture of upper and lower case.

PREFIX=/, LOGFILE=dev_http_access_log, SWITCHTF=day, FILEWRAP=on

More Information

Note the following documentation:

Security Log