PAA Troubleshooting
    • 09 Nov 2023
    • 3 Minutes to read
    • Dark
      Light
    • PDF

    PAA Troubleshooting

    • Dark
      Light
    • PDF

    Article summary

    About PAA Troubleshooting

    The PlainID PAA is deployed on premises as a hybrid component and communicates with the Authorization Platform in the cloud. PlainID supports an admin API from the cloud, that can change logging level of services on premises to ease PAA service troubleshooting. Retrieving or modifying loggers is available for the PlainID Agent and PIP-Operator services and can be done without restarting the service or updating packages.
    Only the Tenant Admins with JWT authentication can access these endpoints.

    Changing Log Levels for PAA Troubleshooting

    The PAA Logger API responses include a list of the PAA loggers which are configured in the PAA either through a Standalone configuration or the Environment Variables in Kubernetes.
    The configurationLevel parameter indicates the logger level in the configuration, while the effectiveLevel indicates what the current logger level is. By default, the response only includes the configured loggers.

    Important

    It is recommended to exercise caution when modifying log levels, ensuring that they are set appropriately for troubleshooting and not left at higher levels in production environments.

    To use these APIs, use the following URL's with your tenant details:

    Enter your dedicated domain/URL according to your PlainID Tenant Location:

    United States (US) - https://api.us1.plainid.io
    Canada (CA) - https://api.ca1.plainid.io
    Europe (EU) - https://api.eu1.plainid.io
    Local PAA - https://api.plainid.local

    ​Make sure to specify the regions indicated in the dedicated domain/URLs in the endpoints.

    Authentication

    These APIs require JWT authentication with Tenant Admin permissions.

    Security: Bearer Auth

    For more details on how to access Administration APIs and Authentication click here.

    Provide your bearer token in the Authorization header when making requests to protected resources.
    Example: Authorization: Bearer 123

     


    PAA Logger APIs

    The log level modification functionality is exposed through the following endpoints in the PIP Management:

    Retrieving Loggers

    GET https://api.{region}.plainid.io/pip-mgmt/1.0/monitor/loggers/{SERVICE_NAME}/{PAA_ID}
    GET https://api.{region}.plainid.io/pip-mgmt/1.0/monitor/loggers/{SERVICE_NAME}/{PAA_ID}/{LOGGER_NAME}

    To retrieve a list of the logger/s in the service:

    1. Copy the GET request above.
    2. Modify the Service Name (Agent or PIP Operator) and the PAA ID.
    3. Specify the logger at the end of the endpoint to target a specific logger if needed. If no logger is specified, all loggers will be fetched.
    4. Ensure you are authenticated and make the GET request.

    To retrieve all loggers, including unconfigured loggers, append ?configured=false to the endpoint URL.

    ​Example response with all configured loggers (condensed):

    {
    "data": {
            "levels": [
                "TRACE",
                "DEBUG",
                "INFO",
                "WARN",
                "ERROR"
            ],
            "loggers": {
                "com": {
                    "configuredLevel": "INFO",
                    "effectiveLevel": "INFO"
                },
                "org.teiid.COMMAND_LOG": {
                    "configuredLevel": "ERROR",
                    "effectiveLevel": "ERROR"
                },
                ...
                "org.teiid.RUNTIME": {
                    "configuredLevel": "INFO",
                    "effectiveLevel": "INFO"
                }
            }
        }
    }
    

    Example response with a specified configured logger (e.g"org.teiid.RUNTIME" logger):

    {
        "data": {
            "configuredLevel": "INFO",
            "effectiveLevel": "INFO"
        }
    }
    

    Response

    ParameterTypeDescription
    configuredLevelstringIndicates the level of the logger according to the configuration.
    effectiveLevelstringIndicates the current logger level. This can be modified with the configuredLevel parameter in the POST method.

    Modifying the Log Level

    POST https://api.{region}.plainid.io/pip-mgmt/1.0/monitor/loggers/{SERVICE_NAME}/{PAA_ID}/{LOGGER_NAME}

    To change the log level for a specific service:

    1. Copy the POST request above
    2. Modify the Service Name (Agent or PIP Operator) and the PAA ID.
    3. Specify the logger. This parameter is required.
    4. Use the configuredLevel parameter to specify the desired log level (INFO, TRACE, DEBUG, ERROR, etc.)
    5. Ensure you are authenticated and make the POST request.

    Example of body when modifying log level to TRACE:

    {
            "configuredLevel": "DEBUG"
    }
    

    Example of response when the log level is modified to TRACE:

    {
        "data": {
            "configuredLevel": "INFO",
            "effectiveLevel": "DEBUG"
        }
    }
    

    Response

    ParameterTypeDescription
    configuredLevelstringIndicates the level of the logger according to the configuration.
    effectiveLevelstringIndicates the current logger level. This can be modified with the configuredLevel parameter in the POST method.

    Logging Configuration

    Changes made through this are not permanent and revert to the initial setup if the service is restarted. For permanent log level changes, modifications should be made through helm or standalone configurations. These changes are ongoing, even after service restarts. Refer to the appropriate Helm and Standalone configurations to customize the loggers:

    For Helm Configuration Logging, copy the following parameters from the values.yaml file, add them to the custom-values.yaml file and modify as needed according to the service:

    • PIP-Operator

      • .Values.pipOperator.logLevel
    • PlainID Agent

      • .Values.agent.logLevel

    For the Standalone Configuration Logging, copy the log levels and modify these parameters in the Environment Variables as needed according to the service:



    Was this article helpful?