K2 Auditing and Logging

K2 blackpearl has logging and auditing features that enables administrators to monitor and troubleshoot the K2 environment. System Event Logging is initiated automatically from product installation and is active through to runtime. System auditing features are initiated manually by the developer per individual process at design time and leveraged during runtime.

The logging and auditing features of the K2 product suite are built into the platform. Changing the default values will affect the performance of your system.

Advanced information: For additional information regarding Auditing and Logging read the K2 blackpearl Logging and Auditing whitepaper. Enabling Logging should only be enabled after reading the whitepaper, or under direction of K2 support or a K2 consultant.

Enable Host Server Logging

The steps described in this section show you how to enable logging, system requirements and possible implications are not discussed below.

  1. Browse to and open the following in Notepad: [SystemDrive]:\Program Files\K2 blackpearl\Host Server\Bin\HostServerLogging.config
  2. The following sections are used to configure logging:
    Default CodeSuggested Changes
    <ApplicationLevelLogSettings>
      <ApplicationLevelLogSetting Scope="Default">
        <LogLocationSettings>
          <LogLocation Name="ConsoleExtension" Active="True" LogLevel="Info" />
          <LogLocation Name="FileExtension" Active="False" LogLevel="All" />
          <LogLocation Name="EventLogExtension" Active="False" LogLevel="Debug" />
          <LogLocation Name="ArchiveExtension" Active="False" LogLevel="Debug" />
          <LogLocation Name="MSMQExtension" Active="False" LogLevel="Debug" />
        </LogLocationSettings>
      </ApplicationLevelLogSetting>
    </ApplicationLevelLogSettings>
    <LogLocation Name="ConsoleExtension" Active="True" LogLevel="Debug" />

    <LogLocation Name="FileExtension" Active="True" LogLevel="All" />
    <Extension Name="FileExtension" type="SourceCode.Logging.Extension.FileExtension">
      <Property Name="LogFileName" value="HostServer.log"/>
      <Property Name="LogFilePath" value="" />
      <Property Name="HashAlgorithm" value="CRC32" />
      <Property Name="MaxFileSizeKB" value="5000" />
      <Property Name="MaxLifetimeSpan" value="0:0:0:00" />
    </Extension>

      <Property Name="MaxFileSizeKB" value="5000">
    <Property Name="MaxLifetimeSpan" value="7:0:0:00" />

    Notes:
    There are two properties that can be modified for file extensions. Cycling the log files is based on the size or timespan (D:H:M:SS). The above settings sets the log file to cycle when the file size hits 5000KB (MaxFileSizeKB) or after a time span of 7 days (MaxLifetimeSpan). If you want to tweak the log file name and log file location, you can modify the LogFileName and LogFilePath parameters.

    <!-- Enable/Disable Async Queueing True/False-->
    <add key="AsyncQueueEnabled" value="True" />
    <add key="AsyncQueueEnabled" value="False" />

    Notes:
    Enables synchronous logging. This is useful in cases where the K2 Host Server service crashes before it can log any information.
    <!-- Message Logged was an Exception, Include Stack Trace -->
    <add key="IncludeStackTrace" value="False" />
    <add key="IncludeStackTrace" value="True" />
  3. Save and close the file.
  4. Restart the K2 service.
  5. By default the newly generated log file will be in the same directory as the modified config file. Alternatively verify the path in the ‘LogFilePath’ setting in the config file. The log files will be in the [SystemDrive]:\Program Files\K2 blackpearl\Host Server\Bin\ directory.

Enable SmartObject Server Logging

On all K2 Servers in the farm, you can enable detailed logging to help with SmartObject runtime debugging. To turn on the detailed logging, follow the steps below:

  1. Browse to and open the following in Notepad: [SystemDrive]:\Program Files\K2 blackpearl\Host Server\Bin\K2HostServer.exe.config
  2. Change the log="no" value to log="yes" as indicated in bold below:

    <logging>
      <serviceauthentication log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\serviceauth.log" overwrite="no" />
      <timestamping log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\timestamp.log" overwrite="no" />
      <brokerpackagein log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\brokerpackagein.log" overwrite="no" />
      <brokerpackageout log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\brokerpackageout.log" overwrite="no" />
      <servicepackagein log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\servicepackagein.log" overwrite="no" />
      <servicepackageout log="no" path="C:\Program Files (x86)\K2 blackpearl\ServiceBroker\Logs\servicepackageout.log" overwrite="no" />
    </logging>

  3. Save your changes to the config file.
  4. Restart the K2 service.
  5. The log files will be created in the ‘path’ attribute for each setting.

Configuration options for Active Directory User Manager message logging

The Active Directory User Manager (ADUM) log level and size are configurable to prevent oversized log files that impede the efficiency of the system. The configuration takes place in the HostServer.SecurityLabel table.

Log Level Configuration

The LogLevel setting is used to set the type of messages to be logged in ADUM. One or a combination of the following case-sensitive settings can be used to control what is logged:

  1. Error
    • Only error messages are logged.
    • This is the default level – new and upgraded environments will use this log level until changed by the user. User entered settings will be preserved in later upgrades.
  2. None
    • Nothing will be logged.
    • The ‘None’ log level supersedes all others if a combination of levels (e.g. Error, None) are used. So nothing will be logged.
  3. Debug
    • All debug messages will be logged; the resolving of users and groups as well as anything else that occurs within ADUM.
    • The Debug level is not recommended unless something specifically needs to be debugged in order to track a problem. The reason this level is not recommended is because the log files will grow very quickly and due to the volume of log entries there would be a severe performance impact on the server.
  4. All
    • Logs at all levels except NONE, this would put even more strain on the system than the Debug level and therefore is also not recommended unless necessary.

Log Size Configuration

The LogSize setting is used to set the maximum size of a log file in megabytes.

Configuring LogLevel and LogSize

To configure ADUM logging, the following script needs to be run with the value of the users K2 security label’s RoleInit column copied from the “HostServer.SecurityLabel” table and pasted between the SET and WHERE statements (replacing the red text in the code section below). Then add the LogLevel and LogSize section as indicated in yellow in the code section. In this example, LogLevel is set to log both Error and Debug messages with the file size not exceeding 1MB.

The USE statement must point to the K2 database which by default in K2 4.6 and later is named K2. The database name in previous or upgraded versions would still be named K2HostServer.

-- for unconsolidated DBs before K2 4.7 the DB name is [K2HostServer]
USE [K2] GO
UPDATE
[HostServer].[SecurityLabel]
SET
[RoleInit] = '<roleprovider><init>ADCache=0;LDAPPath=LDAP://DC=F1,DC=COM;ResolveNestedGroups=False;IgnoreForeignPrincipals=False;
IgnoreUserGroups=False;MultiDomain=False;OnlyUseSecurityGroups=False;LogLevel=Error,Debug;LogSize=1;
DataSources=&amp;amp;lt;DataSources&gt;&lt;DataSource Path="LDAP://DC=F1,DC=COM" NetBiosName="F1" /&gt;&lt;/DataSources&gt;;;</init><login/><implementation assembly="ADUM, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" type="ADUM.K2UserManager2"/><properties><user><property name="Name" type="System.String"/><property name="Description" type="System.String"/><property name="Email" type="System.String"/><property name="Manager" type="System.String"/><property name="SipAccount" type="System.String"/><property name="ObjectSID" type="System.String"/><property name="DisplayName" type="System.String"/><property name="CommonName" type="System.String"/><property name="UserPrincipalName" type="System.String"/></user><group><property name="Name" type="System.String"/><property name="Description" type="System.String"/><property name="Email" type="System.String"/></group></properties></roleprovider>'

WHERE
SecurityLabelName = 'K2' GO

After executing the script, restart the K2 server.

  1. A new log file will be created every time the server is restarted.
  2. The log file is no longer called AdumError1.txt. It is now called AdumError[Date]_[Increment].log where [Date] is the date the file was created and [Increment] is the number of the file per date. This number will increment when a new file is created on the same day as an already existing file (file size reached or server restarted on the same day).
  3. Logging format has been changed to conform to the HostServerLogging file.