Overview
Logging can be enabled in FogBugz On-Premises for the Website and for the Heartbeat Pinger service. We recommend enabling logging as described below only as a temporary troubleshooting aid. Disable these detailed loggings once troubleshooting is done, otherwise, the detailed logs might use up your disk space.
Audit Logging is available in Website logs since FogBugz On-Premises 8.21.919.
For logging in FogBugz 8.8.55 and below, please see the doc for logging with FogBugz For Your Server.
Prerequisites
- Administrator right on the Webserver running the FogBugz website
Solution
FogBugz On-Premises ships with a basic log4net configuration that will meet most of your temporary logging needs. Adjusting the verbosity and targets of the logs works as described in the official log4net documentation.
When configuring the file name and path, make sure they are correct, because depending on the user rights of the Service User runing the FogBugz website, the following can happen:
- When it does not have Administrator rights, the logging will fail.
- When it has Administrator rights:
- if the file does not exist, it will be created
- if there is a typo in the path, the "missing" path will be created
Website Logging
Website logging enables output for each and every web request handled by FogBugz.
Enable Website Logging
- Navigate to [Your On-Premises installation directory]\installed-components\fogbugz\fogbugz_{version}\Website] folder
- Edit logging.config
- Locate the following appender:
<appender name="File" type="log4net.Appender.FileAppender">
- Configure the log file location by editing the
file value
parameter of the appender. By default it isc:\logs\fogbugz.log
<file value="c:\logs\fogbugz.log" />
- Locate the the <root> node:
- Uncomment the following
appender-ref
node under the <root> node by removing the<!--
and-->
around it, so it looks like this:<appender-ref ref="File" />
- Save the file.
- Restart the IIS Server using the IIS Manager, or by issuing the
iisreset
command from a command prompt. - Verify that the website started to add new records to the configured log file.
Disable Website Logging
- Navigate to [Your On-Premises installation directory]\installed-components\fogbugz\fogbugz_{version}\Website] folder
- Edit logging.config
- Locate the the <root> node:
- Comment out the following
appender-ref
node under the <root> node by adding the<!--
and-->
around it, so it looks like this:<!-- <appender-ref ref="File" /> -->
- Save the file.
- Restart the IIS Server using the IIS Manager, or by issuing the
iisreset
command from a command prompt. - Verify that the website stopped adding records to the configured log file.
Audit Logs in Website Logging
Audit Log items are logged in the Website log file at "NOTICE" log level and prefixed with the string (AUDIT). Here is an example:
2020-10-28 15:02:50,646 NOTICE 7 FogBugz - -1:nukukub1f:0178.6109:0204.3434:(AUDIT) Modify User; Attempt; Administrator; 127.0.0.1; fogbugz.contoso.com; User account changes requested for ixPerson 5
Appender for filtering Audit Logs
Note: Save a copy of your current logging.config file before doing any changes to it.
WARNING: This section is only for advanced users, who are familiar with how the log appenders work. Misconfiguration could lead to malfunctioning of the logging, or in the worst case, the Website will not start.
If you would like to have the audit log items logged to a separate file you will need to add a new appender that is going to filter the "NOTICE" log level messages containing the string "(AUDIT)".
To add such an appender follow the steps below:
- Navigate to [Your On-Premises installation directory]\installed-components\fogbugz\fogbugz_{version}\Website] folder
- Edit logging.config
- Add the following appender to the list of appenders:
<!-- log only AUDIT logs --> <appender name="AuditLogToFile" type="log4net.Appender.FileAppender"> <file value="c:\logs\fogbugz_audit.log" /> <appendToFile value="true" /> <lockingModel type="log4net.Appender.FileAppender+MinimalLock" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%utcdate %level %thread %logger - %message%newline"/> </layout> <!-- filter for AUDIT logs --> <filter type="log4net.Filter.LevelMatchFilter"> <levelToMatch value="NOTICE" /> <stringToMatch value="(AUDIT)" /> </filter> <!-- do not log anything else to this file --> <filter type="log4net.Filter.DenyAllFilter" /> </appender>
- Configure the log file location by editing the
file value
parameter of the appender. By default it isc:\logs\fogbugz_audit.log
<file value="c:\logs\fogbugz_audit.log" />
- Add the appender to the appenders list by adding the following line to the <root> node (adding it by its name):
<appender-ref ref="AuditLogToFile" />
- Save the file.
- Restart the IIS Server using the IIS Manager, or by issuing the
iisreset
command from a command prompt. - Logout from FogBugz and log back in. This way audit log actions are generated.
- Verify in the audit log file (in the example above
c:\logs\fogbugz_audit.log
) that your logout and login actions have been logged.
Logged Audit Log Actions
- All successful login events and unsuccessful login attempts
- All logoff events
- This includes both events that occur when a user manually logs out, and events that occur when an administrator uses the Session Management page in Manuscript to terminate a session, delete a token, or kill all active sessions.
- The creation, modification, and deletion of user accounts
- The generation of a new API token during a user’s session
- All attempts to perform unauthorized activities that result in a 403 error code
Logged Information per Action
- The name of the action
- The date and time of the action (in the format “YYYY-MM-DD HH:mm:ss”)
- The name of the user (using the FogBugz field “sFullName”, which should contain both the first and last name of the user who is currently logged in) associated with the action
- The outcome of the action
- The action attempt will be logged as one line, and its success or failure will be logged as a separate line
- In the case of a partial success of an action, the part of the action that succeeded and the parts of the action that failed will be logged in separate lines
- The IP address associated with the action
- The name of the system from which the action originated will also be logged, but only when the Reverse DNS lookup on the IP address succeeds; in the case of a Reverse DNS lookup failure, the name of the system will not be logged.
Heartbeat Pinger Logging
The Heartbeat Pinger ensures that periodic tasks in FogBugz (checking mail, firing Web Hooks, sending notifications, etc) are run. If these tasks aren’t working and website logging doesn’t indicate any problems, there might be a problem with the Heartbeat Pinger Service.
Enable FogBugz Heartbeat Pinger Logging
- Navigate to [Your On-Premises installation directory]\installed-components\heartbeatpinger\heartbeatpinger_{version}
- Edit logging.config
- Locate the following appender:
<appender name="File" type="log4net.Appender.FileAppender">
- Configure the log file location by editing the
file value
parameter of the appender. By default it isc:\logs\pinger.log
<file value="c:\logs\pinger.log" />
- Locate the the <root> node:
- Uncomment the following
appender-ref
node under the <root> node by removing the<!--
and-->
around it, so it looks like this:<appender-ref ref="File" />
- Save the file.
- Restart the FogBugz Heartbeat Pinger service using the Services Windows control panel.
- Verify that the Heartbeat Pinger service started to add new records to the configured log file.
Disable Heartbeat Pinger Logging
- Navigate to [Your On-Premises installation directory]\installed-components\heartbeatpinger\heartbeatpinger_{version}
- Edit logging.config
- Locate the the <root> node:
- Comment out the following
appender-ref
node under the <root> node by adding the<!--
and-->
around it, so it looks like this:
<!-- <appender-ref ref="File" /> -->
- Save the file.
- Restart the FogBugz Heartbeat Pinger service using the Services Windows control panel.
- Verify that the Heartbeat Pinger service stopped to add new records to the configured log file.