Logs¶
Log files provide a complete record of each FindFace Security component activity. Consulting logs is one of the first things you should do to identify a cause for any system problem.
| Component | Command to view log |
|---|---|
findface-extraction-api |
sudo tail -f /var/log/syslog | grep extraction-api |
findface-sf-api |
sudo tail -f /var/log/syslog | grep sf-api |
findface-tarantool-server |
sudo tail -f /var/log/tarantool/FindFace.log |
findface-video-manager |
sudo tail -f /var/log/syslog | grep video-manager |
findface-video-worker |
sudo tail -f /var/log/syslog | grep video-worker |
findface-security |
sudo tail -f /var/log/syslog | grep findface-security |
findface-ntls |
sudo tail -f /var/log/syslog | grep ntls |
findface-security |
sudo tail -f /var/log/syslog | grep security |
etcd |
sudo tail -f /var/log/syslog | grep etcd |
You can also consult audit log for each component. To do so, use the journalctl -u <component> command, for example:
journalctl -u findface-extraction-api
Important
In order to enable saving audit logs to your hard drive, uncomment and edit the Storage parameter in the /etc/systemd/journald.conf file:
sudo vi /etc/systemd/journald.conf
...
[Journal]
Storage=persistent
If necessary, uncomment and edit the SystemMaxUse parameter as well. This parameter determines the maximum volume of log files on your hard drive (10% by default).
SystemMaxUse=15
To view the FindFace Security audit logs, execute the following command:
journalctl -o verbose SYSLOG_IDENTIFIER=ffsecurity
When interpreting audit logs, first of all pay attention on the following parameters:
REQUEST_USER: user who made the changes;REQUEST_PATH: URL of the request;REQUEST_DATA: detailed information of the request.
In the log below, the admin user creates a dossier id=1879:
Fr 2017-12-22 17:53:32.436258 MSK [s=0b5566699751426983e13241301205e9;i=e26015;b=907c34cc1fde4398af63bb575587d9ba;m=246f620c449;t=560eefaf59bc5;x=ed60a136c8fc6362]
PRIORITY=6
_UID=123
_GID=130
_CAP_EFFECTIVE=0
_BOOT_ID=907c34cc1fde4398af63bb575587d9ba
_MACHINE_ID=a3eea61c03e041ef8e64d5c72f5fce40
_HOSTNAME=ntechadmin
SYSLOG_IDENTIFIER=ffsecurity
THREAD_NAME=MainThread
_TRANSPORT=journal
_PID=6579
_COMM=findface-securi
_EXE=/opt/ffsecurity/bin/python3
_CMDLINE=/opt/ffsecurity/bin/python /opt/ffsecurity/bin/findface-security runworker
_SYSTEMD_CGROUP=/system.slice/system-findface\x2dsecurity\x2dworker.slice/findface-security-worker@4.service
_SYSTEMD_UNIT=findface-security-worker@4.service
_SYSTEMD_SLICE=system-findface\x2dsecurity\x2dworker.slice
CODE_FILE=/opt/ffsecurity/lib/python3.5/site-packages/ffsecurity/mixins.py
CODE_LINE=94
CODE_FUNC=finalize_response
REQUEST_USER=admin
LOGGER=ffsecurity.audit
MESSAGE=N8Be05il POST /dossier-faces/ 201 by admin
REQUEST_DATA={"dossier": "'1879'", "source_photo": "<InMemoryUploadedFile: 14927016033292449.jpeg (image/jpeg)>"}
REQUEST_PATH=/dossier-faces/
REQUEST_ID=N8Be05il
_SOURCE_REALTIME_TIMESTAMP=1513954412436258
In the next log, the list of faces is requested for the dossier id=1879:
Fr 2017-12-22 17:53:32.475467 MSK [s=0b5566699751426983e13241301205e9;i=e26016;b=907c34cc1fde4398af63bb575587d9ba;m=246f6215d82;t=560eefaf634fe;x=b1374a144a46b5cd]
PRIORITY=6
_UID=123
_GID=130
_CAP_EFFECTIVE=0
_BOOT_ID=907c34cc1fde4398af63bb575587d9ba
_MACHINE_ID=a3eea61c03e041ef8e64d5c72f5fce40
_HOSTNAME=ntechadmin
SYSLOG_IDENTIFIER=ffsecurity
THREAD_NAME=MainThread
_TRANSPORT=journal
_COMM=findface-securi
_EXE=/opt/ffsecurity/bin/python3
_CMDLINE=/opt/ffsecurity/bin/python /opt/ffsecurity/bin/findface-security runworker
_SYSTEMD_SLICE=system-findface\x2dsecurity\x2dworker.slice
_PID=6588
_SYSTEMD_CGROUP=/system.slice/system-findface\x2dsecurity\x2dworker.slice/[email protected]
[email protected]
CODE_FILE=/opt/ffsecurity/lib/python3.5/site-packages/ffsecurity/mixins.py
CODE_LINE=94
CODE_FUNC=finalize_response
REQUEST_USER=admin
REQUEST_DATA={}
LOGGER=ffsecurity.audit
MESSAGE=Dee7Qvy4 GET /dossier-faces/?dossier=1879&limit=1000 200 by admin
REQUEST_ID=Dee7Qvy4
REQUEST_PATH=/dossier-faces/?dossier=1879&limit=1000
_SOURCE_REALTIME_TIMESTAMP=1513954412475467