Configure Cloud Identity Agent Logs
Table of Contents
Expand all | Collapse all
-
- Cloud Identity Engine Attributes
- Collect Custom Attributes with the Cloud Identity Engine
- View Directory Data
- Cloud Identity Engine User Context
- Create a Cloud Dynamic User Group
- Configure Third-Party Device-ID
- Configure an IP Tag Cloud Connection
- Configure Dynamic Privilege Access in the Cloud Identity Engine
- Configure Security Risk for the Cloud Identity Engine
-
-
- Configure Azure as an IdP in the Cloud Identity Engine
- Configure Okta as an IdP in the Cloud Identity Engine
- Configure PingOne as an IdP in the Cloud Identity Engine
- Configure PingFederate as an IdP in the Cloud Identity Engine
- Configure Google as an IdP in the Cloud Identity Engine
- Configure a SAML 2.0-Compliant IdP in the Cloud Identity Engine
- Configure a Client Certificate
- Configure an OIDC Authentication Type
- Set Up an Authentication Profile
- Configure Cloud Identity Engine Authentication on the Firewall or Panorama
- Configure the Cloud Identity Engine as a Mapping Source on the Firewall or Panorama
- Configure Dynamic Privilege Access in the Cloud Identity Engine
-
- Get Help
Configure Cloud Identity Agent Logs
Learn how to set the Cloud Identity agent log level to
track events on the agent host for troubleshooting.
The Cloud Identity agent logs Cloud Identity
Engine events that occur on the agent host. You can use these logs
to monitor informational events such as new connections (Information—New connection 192.0.2.0: 49161),
or for troubleshooting (Error—Verification of Server Cert failed, stopping Cloud Identity Agent).
For example, the agent automatically generates logs if you test
connectivity when you Configure the Cloud Identity Agent. You can also
use the Event Viewer on the agent host to review logs created if
the agent is unable to connect to the Cloud Identity Engine due
to an incorrect bind DN or password, server unavailability, or other
issue.
The agent displays logs in the order in which they
were generated. To provide a consistent timestamp across timezones,
logs include the timezone information in Coordinated Universal Time (UTC),
where the time offset is indicated by + or -. For the complete log
history, check the CloudIdAgentDebug log file on the agent host,
which permanently retains all logs.
- Launch the agent.Select FileDebug.Select the type of event you want to log.The agent logs the events of the selected type and all subsequent types. For example, if you select Debug, the logs include error, warning, information, and debug events.
- If you select None, the Cloud Identity agent does not log events at any level.
- If you select Information, Warning, or Error, the agent deletes the data from the log after sending it to the debug log on the agent host.
- If you select Debug or Verbose, the received data is stored permanently on the disk until you delete the files.
To remove log files from the agent’s user interface, you can optionally Clear Cloud Identity Agent Logs.