Editing NLog

Keyfactor Command provides extensive logging for visibility and troubleshooting. For more information about troubleshooting, see Troubleshooting.

By default, Keyfactor Command places its log files in the C:\Keyfactor\logs directory, generates logs at the "Info" logging level, and stores the primary logs for two days before deleting them. If you wish to change these defaults you can open the configuration file for each type of log on each Keyfactor Command server where you wish to adjust logging, and edit the file in a text editor (e.g. Notepad) using the "Run as administrator" option. Each Keyfactor component has its own NLog configuration file and NLog logging output path.

Note:  By default, the filename for each component log is unique. This allows you to isolate and research issues on a component-by-component basis by viewing a specific log file. Alternatively, you may wish to change the default output filename to be the same for all logging components so all activity is reported in a single log file. You will note that the default Audit and Alert filenames for each component (for those components that log audits or alerts) are the same so that all activity is logged in the same file across the platform for this reason.
Tip:  If you use the default naming convention, and want to review an event that happened in the management portal, for instance, you would look in the Command_APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command._Log.txt and/or the Command_Portal_Log.txt.
Important:  If you do choose to name the log files the same across the platform, it is recommended that you also set the maxArchiveFiles values the same in each Nlog config file. If there is a different value for maxArchiveFiles for files with the same filename/location, the smallest value will override all others.

To make changes to your NLog configuration:

  1. On each Keyfactor Command server where you wish to adjust logging, open a text editor (e.g. Notepad) using the "Run as administrator" option.
  2. In the text editor, browse to open the desired Nlog.config file for the appropriate Keyfactor components. The files are located in application subdirectories under the installed directory, which are the following directories by default:

    • C:\Program Files\Keyfactor\Keyfactor Platform\WebConsole\NLog_Portal.config

      The Portal file is for logging any activity to do with the Keyfactor Command Management Portal, including users connecting to the portal, loading various pages in the portal, and taking actions.

      Note:  Many actions taken in the Keyfactor Command Management Portal are carried out using the Keyfactor API and Keyfactor is migrating the product to use the Keyfactor API more and more, so this file will have less and less activity going forward. See C:\Program Files\Keyfactor\Keyfactor Platform\KeyfactorAPI\NLog_KeyfactorAPI.config.
    • C:\Program Files\Keyfactor\Keyfactor Platform\KeyfactorAPI\NLog_KeyfactorAPI.config

      The KeyfactorAPI file is the primary file for logging activity related to making requests with the Keyfactor API. Since many of the functions in the Management Portal use the Keyfactor API, this log also includes activity related to running the Management Portal.

    • C:\Program Files\Keyfactor\Keyfactor Platform\Service\NLog_TimerService.config

      The Timer Service file logs activity related to scheduled and automated events within Keyfactor Command such as CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. synchronization, scheduled alerts, and scheduled reports.

    • C:\Program Files\Keyfactor\Keyfactor Platform\WebAgentServices\NLog_Orchestrators.config

      The Orchestrators, or OrchestratorsAPI, file logs activity related to Keyfactor Orchestrators API. Look here for messages related to orchestrators communicating with Keyfactor Command.

    • C:\Program Files\Keyfactor\Keyfactor Platform\Configuration\NLog_Configuration.config

      The Configuration file logs activity related to running the Keyfactor Command configuration wizard only. It may be useful to increase the logging level on this one if you are experiencing installation or upgrade issues.

    • C:\Program Files\Keyfactor\Keyfactor Platform\WebAPI\NLog_ClassicAPI.config

      The ClasssicAPI file logs activity involving the ClassicAPI from Keyfactor Command. You will only need to modify the logging settings on this one if you have upgraded from a previous version of Keyfactor Command and have implemented a custom application built with the Classic API.

    • Once configured, the log file location defined will look similar to this:

      Figure 416: C:\Keyfactor\logs logs

  3. Change the respective files and save your changes.