Problem solving#

Blitz Identity Provider operation logs are written to the /var/log/identityblitz directory on each server. The event log of each application is named according to the application:

  • blitz-console.log - admin console event log;

  • blitz-idp.log - authentication service event log;

  • blitz-registration.log - registration service event log;

  • blitz-recovery.log - access recovery service event log;

  • blitz-keeper.log - security gateway event log.

When errors related to Blitz Identity Provider operation occur (logged as [ERROR]), it is recommended to contact Blitz Identity Provider technical support at support@idblitz.com. When contacting Blitz Identity Provider, please specify the version of Blitz Identity Provider you are using.

If you need to change the logging level, you need to change the logging levels in the blitz.conf configuration file in the logger block.

The following logging levels are set by default:

"levels" : {
    "ROOT" : "TRACE",
    "application" : "TRACE",
    "com.couchbase.client" : "INFO",
    "com.couchbase.service" : "INFO",
    "com.couchbase.endpoint" : "INFO",
    "com.couchbase.node": "INFO",
    "com.couchbase.tracing": "INFO",
    "com.identityblitz" : "TRACE",
    "com.identityblitz.idp" : "TRACE",
    "com.identityblitz.idp.events" : "TRACE",
    "com.identityblitz.idp.flow.dynamic" : "TRACE",
    "com.identityblitz.idp.flow.dynamic.extend" : "TRACE",
    "com.identityblitz.idp.task.processing" : "DEBUG",
    "com.identityblitz.login-framework" : "TRACE",
    "com.identityblitz.login-framework.ldap-timings" : "INFO",
    "com.identityblitz.login.store" : "TRACE",
    "com.identityblitz.idp.rabbitmq" : "INFO",
    "com.identityblitz.play.memcached" : "INFO",
    "com.identityblitz.play.memcached.RefreshableMemcachedConnection" : "INFO",
    "com.unboundid.ldap.sdk" : "TRACE",
    "org.asynchttpclient.netty" : "TRACE",
    "org.opensaml" : "INFO",
    "org.opensaml.util.resource" : "INFO",
    "play" : "TRACE",
    "plugin.memcached" : "INFO"
}

To change the logging level, the ROOT and all com.identityblitz.* parameters should be assigned the value TRACE.

If the Blitz Identity Provider configuration change was accidentally made in the admin console, the previous versions of the blitz.conf and console.conf configuration files are saved in the hidden /usr/share/identityblitz/blitz-config/.snapshot directory. You can use these files to roll back to a previous configuration or to determine differences with the current configuration files.

To find out at what time and by whom a configuration file was changed, comments are placed at the beginning of the blitz.conf and console.conf configuration files indicating the time of editing and the author of the changes. An example of an audit record of a configuration file change is given below:

##########################################################################################
# modified: 2021-05-09 20:55:55 MSK
# author: admin
# ip: 0:0:0:0:0:0:0:1
# user agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
##########################################################################################