Troubleshooting
Problem
How to enable and collect GSKit trace for IBM Security Access Manager (ISAM) appliance
Environment
ISAM versions 8 and 9
Resolving The Problem
Please follow one of the three sections for the component you need to trace. Policy Server, WebSEAL, or Authorization Server.
For Policy Server (9010+)
1) In ISAM LMI go to Secure Web Settings -> Runtime Component -> Manage -> Configuration Files -> ivmgrd.conf 2) Add the following lines at bottom of the file or go to the stanza [system-environment-variables] and insert [system-environment-variables] GSK_TRACE_FILE = ../log/gskit.trc GSKTRACE_NOBUFFERING = YES GSK_TRACE_FILE_SIZE = 30000000 GSK_TRACE_FILE_NUMBER = 10 3) Save->Deploy->Restart runtime 4) Recreate issue 5) Edit conf file and remove the GSK* settings. (Save -> Deploy -> Restart instance) 6) The log can be deleted at Monitor Analysis and Diagnostics -> Application Log Files -> isam_runtime -> policy_server but cannot be download. Create and submit support file (instructions: http://www.ibm.com/support/docview.wss?uid=swg21663426) |
For WebSEAL
1) In ISAM LMI go to Secure Web Settings -> Manage -> Reverse Proxy -> Manage -> Configuration -> Edit Configuration File
2) Add the following lines (Do not alter other settings in place):
[system-environment-variables]
GSK_TRACE_FILE = gskit.trc
GSKTRACE_NOBUFFERING = YES
GSK_TRACE_FILE_SIZE = 30000000
GSK_TRACE_FILE_NUMBER = 10
3) Save -> Deploy -> Restart instance
4) Verify file creation (Select Reverse Proxy instance, go to Manage -> Management Root -> junction-root)
5) Should see a file named "gskit.trc"
6) Recreate the problem.
7) Edit conf file and remove/comment out the GSK* settings. (Save -> Deploy -> Restart instance)
8) Select the instance, go to Manage -> Management Root -> junction-root
Export the gskit.trc file.
Delete the gskit.trc file.
You will be asked to deploy a change. Restart the instance.
9) The gskit.trc file is a binary file and must be uploaded as such when using FTP.
For Authorization Server (9010+)
1) In ISAM LMI go to Secure Web Settings -> Authorization Server-> Manage -> Configuration-> Edit Configuration File
2) Add the following lines at bottom of the file or go to the stanza [system-environment-variables] and insert
[system-environment-variables]
GSK_TRACE_FILE = ../aznsrv/<name of ivalcd instance>/log/gskit.trc
GSKTRACE_NOBUFFERING = YES
GSK_TRACE_FILE_SIZE = 30000000
GSK_TRACE_FILE_NUMBER = 10
3) Save/Deploy changes
4) Verify file creation (Select Auth Server instance, go to Manage -> logging)
5) Should see a file named "gskit.trc"
6) Recreate issue
7) Edit conf file and remove the GSK* settings. (Save -> Deploy -> Restart instance)
8) The log can be cleared at Secure Web Settings -> Authorization Server -> manage -> logging but cannot be download. Create and submit support file (instructions: http://www.ibm.com/support/docview.wss?uid=swg21663426)
Was this topic helpful?
Document Information
Modified date:
31 July 2018
UID
swg21997169