This topic discusses how you would interpret the information presented
in a log file. Depending on the type of output you selected for your logs,
you can view the log files in the log viewer on the administrative console,
the Log Analyzer program that is installed with the product, or in a separate
text file editor of your choice.
Events fired to the logger by service component monitoring are encoded
in Common Base Event format. When published to a log file, the event is included
as a single, lengthy line of text in XML tagging format, which will also include
several logger-specific fields, as outlined below. You should consult the event catalog section of this documentation
for details on deciphering the Common Base Event coding of the logged event.
Use this section to understand the other fields contained in each entry of
the log file, and how the format you chose for the log file when you configured
the logger is structured.
Basic and advanced format fields
On a process server,
logging output can be directed either to a file or to an in-memory circular
buffer. If trace output is directed to the in-memory circular buffer, it must
be dumped to a file before it can be viewed. Output is generated as plain
text in either basic, advanced or log analyzer format as specified by the
user. The basic and advanced formats for output are similar to the basic and
advanced formats that are available for the message logs. Basic and Advanced
Formats use many of the same fields and formatting techniques. The fields
that can be used in these formats include:
- TimeStamp
- The timestamp is formatted using the locale of the process where it is
formatted. It includes a fully qualified date (YYMMDD), 24 hour time with
millisecond precision and the time zone.
- ThreadId
- An 8 character hexadecimal value generated from the hash code of the thread
that issued the trace event.
- ThreadName
- The name of the Java™ thread that issued the message or trace
event.
- ShortName
- The abbreviated name of the logging component that issued the trace event.
This is typically the class name for WebSphere® Process Server internal
components, but may be some other identifier for user applications.
- LongName
- The full name of the logging component that issued the trace event. This
is typically the fully qualified class name for WebSphere Process Server internal
components, but may be some other identifier for user applications.
- EventType
- A one character field that indicates the type of the trace event. Trace
types are in lower case. Possible values include:
- 1
- a trace entry of type fine or event.
- 2
- a trace entry of type finer.
- 3
- a trace entry of type finest, debug or dump.
- Z
- a placeholder to indicate that the trace type was not recognized.
- ClassName
- The class that issued the message or trace event.
- MethodName
- The method that issued the message or trace event.
- Organization
- The organization that owns the application that issued the message or
trace event.
- Product
- The product that issued the message or trace event.
- Component
- The component within the product that issued the message or trace event.
Basic format
Trace events displayed in basic format
use the following format:
<timestamp><threadId><shortName><eventType>[className][methodName]<textmessage>
[parameter 1]
[parameter 2]
Advanced format
Trace events displayed in advanced
format use the following format:
<timestamp><threadId><eventType><UOW><source=longName>[className][methodName]
<Organization><Product><Component>[thread=threadName]
<textMessage>[parameter 1=parameterValue][parameter 2=parameterValue]
Log analyzer format
Specifying the log analyzer
format allows you to open trace output using the Log Analyzer tool, which
is an application included with WebSphere Application Server. This is useful
if you are trying to correlate traces from two different server processes,
because it allows you to use the merge capability of the Log Analyzer.