.. _logs: Logs ===================================== Log files provide a complete record of each FindFace Security component activity. Consulting logs is one of the first things you should do to identify a cause for any system problem. +---------------------------------------+--------------------------------------------------------------+ | Component | Command to view log | +=======================================+==============================================================+ | ``findface-extraction-api`` | sudo tail -f /var/log/syslog | grep extraction-api | +---------------------------------------+--------------------------------------------------------------+ | ``findface-sf-api`` | sudo tail -f /var/log/syslog | grep sf-api | +---------------------------------------+--------------------------------------------------------------+ | ``findface-tarantool-server`` | sudo tail -f /var/log/tarantool/shard-00* | +---------------------------------------+--------------------------------------------------------------+ | ``findface-video-manager`` | sudo tail -f /var/log/syslog | grep video-manager | +---------------------------------------+--------------------------------------------------------------+ | ``findface-video-worker`` | sudo tail -f /var/log/syslog | grep video-worker | +---------------------------------------+--------------------------------------------------------------+ | ``findface-security`` | sudo tail -f /var/log/syslog | grep findface-security | +---------------------------------------+--------------------------------------------------------------+ | ``findface-ntls`` | sudo tail -f /var/log/syslog | grep ntls | +---------------------------------------+--------------------------------------------------------------+ | ``findface-security`` | sudo tail -f /var/log/syslog | grep security | +---------------------------------------+--------------------------------------------------------------+ | ``etcd`` | sudo tail -f /var/log/syslog | grep etcd | +---------------------------------------+--------------------------------------------------------------+ | ``pgbouncer`` | sudo tail -f /var/log/syslog | grep pgbouncer | +---------------------------------------+--------------------------------------------------------------+ | ``findface-counter`` | sudo tail -f /var/log/syslog | grep counter | +---------------------------------------+--------------------------------------------------------------+ You can also consult audit log for each component. To do so, use the ``journalctl -u `` command, for example: .. code:: journalctl -u findface-extraction-api .. important:: In order to enable saving audit logs to your hard drive, uncomment and edit the ``Storage`` parameter in the ``/etc/systemd/journald.conf`` file: .. code:: sudo vi /etc/systemd/journald.conf ... [Journal] Storage=persistent If necessary, uncomment and edit the ``SystemMaxUse`` parameter as well. This parameter determines the maximum volume of log files on your hard drive (10% by default). .. code:: SystemMaxUse=15 To view the FindFace Security audit logs, execute the following command: .. code:: journalctl -o verbose SYSLOG_IDENTIFIER=ffsecurity When interpreting audit logs, first of all pay attention on the following parameters: * ``REQUEST_USER``: user who made the changes; * ``REQUEST_PATH``: URL of the request; * ``REQUEST_DATA``: detailed information of the request. In the log below, the ``admin`` user creates a dossier ``id=1879``: .. code:: Fr 2017-12-22 17:53:32.436258 MSK [s=0b5566699751426983e13241301205e9;i=e26015;b=907c34cc1fde4398af63bb575587d9ba;m=246f620c449;t=560eefaf59bc5;x=ed60a136c8fc6362] PRIORITY=6 _UID=123 _GID=130 _CAP_EFFECTIVE=0 _BOOT_ID=907c34cc1fde4398af63bb575587d9ba _MACHINE_ID=a3eea61c03e041ef8e64d5c72f5fce40 _HOSTNAME=ntechadmin SYSLOG_IDENTIFIER=ffsecurity THREAD_NAME=MainThread _TRANSPORT=journal _PID=6579 _COMM=findface-securi _EXE=/opt/findface-security/bin/python3 _CMDLINE=/opt/findface-security/bin/python /opt/findface-security/bin/findface-security runworker _SYSTEMD_CGROUP=/system.slice/system-findface\x2dsecurity\x2dworker.slice/findface-security-worker@4.service _SYSTEMD_UNIT=findface-security-worker@4.service _SYSTEMD_SLICE=system-findface\x2dsecurity\x2dworker.slice CODE_FILE=/opt/findface-security/lib/python3.6/site-packages/ffsecurity/mixins.py CODE_LINE=94 CODE_FUNC=finalize_response REQUEST_USER=admin LOGGER=ffsecurity.audit MESSAGE=N8Be05il POST /dossier-faces/ 201 by admin REQUEST_DATA={"dossier": "'1879'", "source_photo": ""} REQUEST_PATH=/dossier-faces/ REQUEST_ID=N8Be05il _SOURCE_REALTIME_TIMESTAMP=1513954412436258 In the next log, the list of faces is requested for the dossier ``id=1879``: .. code:: Fr 2017-12-22 17:53:32.475467 MSK [s=0b5566699751426983e13241301205e9;i=e26016;b=907c34cc1fde4398af63bb575587d9ba;m=246f6215d82;t=560eefaf634fe;x=b1374a144a46b5cd] PRIORITY=6 _UID=123 _GID=130 _CAP_EFFECTIVE=0 _BOOT_ID=907c34cc1fde4398af63bb575587d9ba _MACHINE_ID=a3eea61c03e041ef8e64d5c72f5fce40 _HOSTNAME=ntechadmin SYSLOG_IDENTIFIER=ffsecurity THREAD_NAME=MainThread _TRANSPORT=journal _COMM=findface-securi _EXE=/opt/ffsecurity/bin/python3 _CMDLINE=/opt/ffsecurity/bin/python /opt/ffsecurity/bin/findface-security runworker _SYSTEMD_SLICE=system-findface\x2dsecurity\x2dworker.slice _PID=6588 _SYSTEMD_CGROUP=/system.slice/system-findface\x2dsecurity\x2dworker.slice/findface-security-worker@2.service _SYSTEMD_UNIT=findface-security-worker@2.service CODE_FILE=/opt/findface-security/lib/python3.6/site-packages/ffsecurity/mixins.py CODE_LINE=94 CODE_FUNC=finalize_response REQUEST_USER=admin REQUEST_DATA={} LOGGER=ffsecurity.audit MESSAGE=Dee7Qvy4 GET /dossier-faces/?dossier=1879&limit=1000 200 by admin REQUEST_ID=Dee7Qvy4 REQUEST_PATH=/dossier-faces/?dossier=1879&limit=1000 _SOURCE_REALTIME_TIMESTAMP=1513954412475467