---
title: Logging
+command: fort
+url-log-enabled: "[`--log.enabled`](usage.html#--logenabled)"
url-log-level: "[`--log.level`](usage.html#--loglevel)"
url-log-output: "[`--log.output`](usage.html#--logoutput)"
url-log-color-output: "[`--log.color-output`](usage.html#--logcolor-output)"
url-log-file-name-format: "[`--log.file-name-format`](usage.html#--logfile-name-format)"
+url-log-facility: "[`--log.facility`](usage.html#--logfacility)"
+url-log-prefix: "[`--log.prefix`](usage.html#--logprefix)"
+url-vlog-enabled: "[`--validation-log.enabled`](usage.html#--validation-logenabled)"
+url-vlog-level: "[`--validation-log.level`](usage.html#--validation-loglevel)"
+url-vlog-output: "[`--validation-log.output`](usage.html#--validation-logoutput)"
+url-vlog-color-output: "[`--validation-log.color-output`](usage.html#--validation-logcolor-output)"
+url-vlog-file-name-format: "[`--validation-log.file-name-format`](usage.html#--validation-logfile-name-format)"
+url-vlog-facility: "[`--validation-log.facility`](usage.html#--validation-logfacility)"
+url-vlog-prefix: "[`--validation-log.prefix`](usage.html#--validation-logprefix)"
---
# {{ page.title }}
-FORT validator logging can be configured using the arguments:
-- {{ page.url-log-level }}
-- {{ page.url-log-output }}
-- {{ page.url-log-color-output }}
-- {{ page.url-log-file-name-format }}
+## Index
+
+1. [Log types](#log-types)
+ 1. [Operation](#operation)
+ 2. [Validation](#validation)
+2. [Configuration](#configuration)
+ 1. [Enabled](#enabled)
+ 2. [Output](#output)
+ 3. [Level](#level)
+ 4. [Color output](#color-output)
+ 5. [File name format](#file-name-format)
+ 6. [Facility](#facility)
+ 7. [Prefix](#prefix)
+
+## Log types
+
+Currently there are two kinds of log messages: those related to the operation, and the ones regarding RPKI objects validation.
+
+Each type is described above, as well as how it can be configured.
+
+### Operation
+
+These type of messages are the ones where the user/operator can be directly involved. Probably these messages are of greater interest to most of the RP operators.
+
+The following messages are included at the operation logs:
+- Configuration information, warnings and errors. E.g. if the location set at [`--tal`](usage.html#--tal) can't be accessed, or a configuration echo at the beginning.
+- RTR information, warnings and errors; such as server binding status, and client connections (accepted, closed or terminated).
+- SLURM information, warnings and errors. E.g. bad SLURM syntax, or SLURM data being applied in case of an error with a newer SLURM file.
+- Out of memory errors.
+- Read/write errors on local files.
+- Persistent communication errors with RPKI repositories (see [`--stale-repository-period`](usage.html#--stale-repository-period)).
+- Start and end of a validation cycle, including: number of valid Prefixes and Router Keys, current RTR serial number (only when [`--mode=server`](usage.html#--mode), and real execution time.
+- Programming errors (of course, those that could be expected due to an API misuse).
+
+### Validation
+
+These type of messages are the ones related to one of the main tasks performed by FORT validator: the RPKI validation. So, they are useful to know the current RPKI state.
-## Log output
+All this messages are result of RPKI objects (certificates, CRLs, ROAs, etc.) processing, so probably the operator can't take a direct action trying to solve an error logged here, but it can get to know if something is wrong at the data published at the RPKI repositories.
+
+Here are some examples of messages included at the validation logs:
+- Validation failures causing an RPKI object rejection (e.g. expired certificate).
+- Suspicious validation outcome, but the RPKI object isn't rejected (e.g. serial numbers duplicated).
+- An [incidence](incidence.html).
+- RRDP file information, warnings and errors.
+
+>  These messages are disabled by default, in order to enable them set [`--validation-log.enabled=true`](usage.html#--validation-logenabled).
+
+## Configuration
+
+Both type of logs share a set of configuration arguments, each one of them applying to the corresponding log type.
+
+The operation log arguments are those that have the prefix `log.`, while the validation log arguments begin with `validation-log.`. The next suffixes can be added to configure each log type:
+- [`enabled`](#enabled)
+- [`level`](#level)
+- [`output`](#output)
+- [`color-output`](#color-output)
+- [`file-name-format`](#file-name-format)
+- [`facility`](#facility)
+- [`prefix`](#prefix)
+
+For instance, to enable the validation log the argument {{ page.url-vlog-enabled }} should be used (prefix: `validation-log.`, suffix: `enabled`).
+
+The following sub-sections describe how each argument works.
+
+### Enabled
+
+Enables the corresponding log. If disabled (e.g. `--log.enabled=false`) none of the corresponding messages will be logged.
+
+The arguments of each log type are:
+- {{ page.url-log-enabled }}
+- {{ page.url-vlog-enabled }}
+
+### Output
During the brief period in which configuration has not been completely parsed yet (and therefore, the validator is not yet aware of the desired log output), the standard streams and syslog are used simultaneously.
-Once the configuration has been loaded, all the log messages will be printed at the configured {{ page.url-log-output }}, which can have two values:
-- `syslog`: all logging is sent to syslog, using **LOG_DAEMON** facility.
+Once the configuration has been loaded, all the log messages will be printed at the configured `*.output`, which can have two values:
+- `syslog`: all logging is sent to syslog, using the configured [`*.facility`](#facility).
- `console`: informational and debug messages are printed in standard output, error and critical messages are thrown to standard error.
> Syslog configuration and usage is out of this docs scope, here's a brief introduction from [Wikipedia](https://en.wikipedia.org/wiki/Syslog). You can do some research according to your prefered OS distro to familiarize with syslog, since distinct implementations exists (the most common are: syslog, rsyslog, and syslog-ng).
-## Log level
+The arguments of each log type are:
+- {{ page.url-log-output }}
+- {{ page.url-vlog-output }}
+
+### Level
-The {{ page.url-log-level }} argument defines which messages will be logged according to its priority. Any log message of equal or higher importance to the one configured, will be logged, e.g. a value of `info` will log messages of equal or higher level (`info`, `warning`, and `error`).
+The `*.level` argument defines which messages will be logged according to its priority. Any log message of equal or higher importance to the one configured, will be logged, e.g. a value of `info` will log messages of equal or higher level (`info`, `warning`, and `error`).
-The validator uses exactly five levels of priority (they're just some of all the syslog priority levels), but only four of them can be utilized in {{ page.url-log-output }}. These are their meanings and priority from highest to lowest:
+The validator uses exactly five levels of priority (they're just some of all the syslog priority levels), but only four of them can be utilized in the configured [`*.output`](#output). These are their meanings and priority from highest to lowest:
- `crit`: Programming errors. (These lead to program termination.)
- - **This level can't be indicated at {{ page.url-log-level }}**, since `error` and `crit` messages are relevant for an adequate operation.
-- `error`: Validation failures. (RPKI object rejected.)
-- `warning`: Suspicious validation outcome. (RPKI object not rejected.)
-- `info`: Information deemed useful to the user:
- - Configuration echo at the beginning.
- - Server binding status.
- - Start and end of a validation cycle, including: number of valid Prefixes and Router Keys, current RTR serial number (only when [`--mode=server`](usage.html#--mode), and real execution time.
- - SLURM version applied in case of a syntax error or invalid data at the newest loaded SLURM configured at [`--slurm`](usage.html#--slurm).
- - RTR client connection accepted, closed or terminated.
+ - **This level can't be indicated at `level`**, since `error` and `crit` messages are relevant for an adequate operation.
+- `error`: A failure that can stop an internal task (e.g. a certificate has expired so the childs are discarded) or is definitely an operational problem (e.g. no more memory can be allocated).
+- `warning`: Something suspicious, but not a stopper for a task.
+- `info`: Information deemed useful to the user.
- `debug`: Information deemed useful to the developer. Expect a lot of messages when utilized.
-## Log color output
+The arguments of each log type are:
+- {{ page.url-log-level }}
+- {{ page.url-vlog-level }}
+
+### Color output
-The flag {{ page.url-log-color-output }} is only meaningful when {{ page.url-log-output }} is `console` (it doesn't affect to `syslog`). When the flag is enabled, the log messages will have the following colors according to its priority:
+The flag `*.color-output` is only meaningful when [`*.output`](#output) is `console` (it doesn't affect to `syslog`). When the flag is enabled, the log messages will have the following colors according to its priority:
- `crit`: <span style="color:magenta">CYAN</span>
- `error`: <span style="color:red">RED</span>
- `warning`: <span style="color:orange">ORANGE</span>
- `info`: <span style="color:lightgray">LIGHT GRAY</span>
- `debug`: <span style="color:cyan">CYAN</span>
-## Log file name format
+These are some examples of how the logs could be displayed when the flag is enabled:
+<pre><code class="terminal">$ {{ page.command }} --log.color-output --validation-log.color-output (...)
+<span style="color:cyan">DBG: Manifest '62gPOPXWxxu0sQa4vQZYUBLaMbY.mft' {</span>
+<span style="color:lightgray">INF: Configuration {</span>
+<span style="color:orange">WRN: H2jRmyC2M.mft: The signature algorithm has parameters.</span>
+<span style="color:red">ERR: H2jRmyC2M.mft: Certificate validation failed: certificate has expired</span>
+<span style="color:magenta">CRT: Programming error: Array size is 1 but array is NULL.</span>
+</code></pre>
+
+The arguments of each log type are:
+- {{ page.url-log-color-output }}
+- {{ page.url-vlog-color-output }}
+
+### File name format
+
+Decides which version of file names should be printed during most debug/error messages. It can have the values:
+- `global-url`: Prints the global name of the file; the URL that can be used to download it (always starts with `rsync://` or `https://`).
+- `local-path`: Prints a path that points to the local cached version of the file (always starts with [`--local-repository`](usage.html#--local-repository)'s value).
+- `file-name`: Strips prefixes, leaving only the base name of the file (including extension).
+
+Suppose a certificate was downloaded from `rsync://rpki.example.com/foo/bar/baz.cer` into the local cache `repository/`:
+
+- `global-url`: Will print the certificate's name as `rsync://rpki.example.com/foo/bar/baz.cer`.
+- `local-path`: Will print the certificate's name as `repository/rpki.example.com/foo/bar/baz.cer`.
+- `file-name`: Will print the certificate's name as `baz.cer`.
+
+{% highlight bash %}
+$ {{ page.command }} --validation-log.file-name-format=global-url --local-repository=repository/ (...)
+ERR: rsync://rpki.example.com/foo/bar/baz.cer: Certificate validation failed: certificate has expired
+
+$ {{ page.command }} --validation-log.file-name-format=local-path --local-repository=repository/ (...)
+ERR: repository/rpki.example.com/foo/bar/baz.cer: Certificate validation failed: certificate has expired
+
+$ {{ page.command }} --validation-log.file-name-format=file-name --local-repository=repository/ (...)
+ERR: baz.cer: Certificate validation failed: certificate has expired
+{% endhighlight %}
+
+This flag affects any of the log output configured at [`*.output`](#output) (`syslog` and `console`).
+
+The arguments of each log type are:
+- {{ page.url-log-file-name-format }}
+- {{ page.url-vlog-file-name-format }}
+
+### Facility
+
+Sets the syslog facility, so it's only meaningful when [`*.output`](#output) is `syslog`.
+
+Currently the supported facilites are:
+
+--|--|--|--|--|--
+auth | daemon | mail | uucp | local2 | local5
+authpriv | ftp | news | local0 | local3 | local6
+cron | lpr | user | local1 | local4 | local7
+
+
+You could read more about facilites [here](https://en.wikipedia.org/wiki/Syslog#Facility) (since it's out of this docs scope).
+
+The arguments of each log type are:
+- {{ page.url-log-facility }}
+- {{ page.url-vlog-facility }}
+
+### Prefix
+
+Text prefix that will be added to each message of the corresponding log type. The prefix will be added after the message level, inside square brackets.
+
+It's a simple mean to differentiate each message according to its type, probably useful if the [`*.output`](#output) is the same for both log types.
+
+E.g. If a validation error is found, it could be logged like this:
+{% highlight bash %}
+$ {{ page.command }} --validation-log.prefix="Validation" (...)
+ERR [Validation]: rsync://rpki.example.com/foo/bar/baz.cer: Certificate validation failed: certificate has expired
+{% endhighlight %}
-The flag {{ page.url-log-file-name-format }} defines how the file names will be printed at the logs output, see more details at [Program Arguments > Arguments > --log.file-name-format](usage.html#--logfile-name-format).
+The arguments of each log type are:
+- {{ page.url-log-prefix }}
+- {{ page.url-vlog-prefix }}
16. [`--server.interval.retry`](#--serverintervalretry)
17. [`--server.interval.expire`](#--serverintervalexpire)
18. [`--slurm`](#--slurm)
- 19. [`--log.level`](#--loglevel)
- 20. [`--log.output`](#--logoutput)
- 21. [`--log.color-output`](#--logcolor-output)
- 22. [`--log.file-name-format`](#--logfile-name-format)
- 23. [`--http.user-agent`](#--httpuser-agent)
- 24. [`--http.connect-timeout`](#--httpconnect-timeout)
- 25. [`--http.transfer-timeout`](#--httptransfer-timeout)
- 26. [`--http.idle-timeout`](#--httpidle-timeout)
- 27. [`--http.ca-path`](#--httpca-path)
- 28. [`--output.roa`](#--outputroa)
- 29. [`--output.bgpsec`](#--outputbgpsec)
- 30. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
- 31. [`--stale-repository-period`](#--stale-repository-period)
- 32. [`--configuration-file`](#--configuration-file)
- 33. [`--rrdp.enabled`](#--rrdpenabled)
- 34. [`--rrdp.priority`](#--rrdppriority)
- 35. [`--rrdp.retry.count`](#--rrdpretrycount)
- 36. [`--rrdp.retry.interval`](#--rrdpretryinterval)
- 37. [`--rsync.enabled`](#--rsyncenabled)
- 38. [`--rsync.priority`](#--rsyncpriority)
- 39. [`--rsync.strategy`](#--rsyncstrategy)
+ 19. [`--log.enabled`](#--logenabled)
+ 20. [`--log.level`](#--loglevel)
+ 21. [`--log.output`](#--logoutput)
+ 22. [`--log.color-output`](#--logcolor-output)
+ 23. [`--log.file-name-format`](#--logfile-name-format)
+ 24. [`--log.facility`](#--logfacility)
+ 25. [`--log.prefix`](#--logprefix)
+ 26. [`--validation-log.enabled`](#--validation-logenabled)
+ 27. [`--validation-log.level`](#--validation-loglevel)
+ 28. [`--validation-log.output`](#--validation-logoutput)
+ 29. [`--validation-log.color-output`](#--validation-logcolor-output)
+ 30. [`--validation-log.file-name-format`](#--validation-logfile-name-format)
+ 31. [`--validation-log.facility`](#--validation-logfacility)
+ 32. [`--validation-log.prefix`](#--validation-logprefix)
+ 33. [`--http.user-agent`](#--httpuser-agent)
+ 34. [`--http.connect-timeout`](#--httpconnect-timeout)
+ 35. [`--http.transfer-timeout`](#--httptransfer-timeout)
+ 36. [`--http.idle-timeout`](#--httpidle-timeout)
+ 37. [`--http.ca-path`](#--httpca-path)
+ 38. [`--output.roa`](#--outputroa)
+ 39. [`--output.bgpsec`](#--outputbgpsec)
+ 40. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
+ 41. [`--stale-repository-period`](#--stale-repository-period)
+ 42. [`--configuration-file`](#--configuration-file)
+ 43. [`--rrdp.enabled`](#--rrdpenabled)
+ 44. [`--rrdp.priority`](#--rrdppriority)
+ 45. [`--rrdp.retry.count`](#--rrdpretrycount)
+ 46. [`--rrdp.retry.interval`](#--rrdpretryinterval)
+ 47. [`--rsync.enabled`](#--rsyncenabled)
+ 48. [`--rsync.priority`](#--rsyncpriority)
+ 49. [`--rsync.strategy`](#--rsyncstrategy)
1. [`strict`](#strict)
2. [`root`](#root)
3. [`root-except-ta`](#root-except-ta)
- 40. [`--rsync.retry.count`](#--rsyncretrycount)
- 41. [`--rsync.retry.interval`](#--rsyncretryinterval)
- 42. [`rsync.program`](#rsyncprogram)
- 43. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
- 44. [`rsync.arguments-flat`](#rsyncarguments-flat)
- 45. [`incidences`](#incidences)
+ 50. [`--rsync.retry.count`](#--rsyncretrycount)
+ 51. [`--rsync.retry.interval`](#--rsyncretryinterval)
+ 52. [`rsync.program`](#rsyncprogram)
+ 53. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
+ 54. [`rsync.arguments-flat`](#rsyncarguments-flat)
+ 55. [`incidences`](#incidences)
## Syntax
[--server.interval.retry=<unsigned integer>]
[--server.interval.expire=<unsigned integer>]
[--slurm=<file>|<directory>]
+ [--log.enabled=true|false]
[--log.level=error|warning|info|debug]
[--log.output=syslog|console]
[--log.color-output]
[--log.file-name-format=global-url|local-path|file-name]
+ [--log.facility=auth|authpriv|cron|daemon|ftp|kern|lpr|mail|news|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7]
+ [--log.prefix=<string>]
+ [--validation-log.enabled=true|false]
+ [--validation-log.level=error|warning|info|debug]
+ [--validation-log.output=syslog|console]
+ [--validation-log.color-output]
+ [--validation-log.file-name-format=global-url|local-path|file-name]
+ [--validation-log.facility=auth|authpriv|cron|daemon|ftp|kern|lpr|mail|news|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7]
+ [--validation-log.prefix=<string>]
[--rrdp.enabled=true|false]
[--rrdp.priority=<unsigned integer>]
[--rrdp.retry.count=<unsigned integer>]
SLURM file, or directory containing SLURM files. See [SLURM](slurm.html).
+### `--log.enabled`
+
+- **Type:** Boolean (`true`, `false`)
+- **Availability:** `argv` and JSON
+- **Default:** `true`
+
+Enables the operation logs.
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Enabled](logging.html#enabled).
+
### `--log.level`
- **Type:** Enumeration (`error`, `warning`, `info`, `debug`)
- **Availability:** `argv` and JSON
- **Default:** `warning`
-Defines which messages will be logged according to its priority, e.g. a value of `info` will log messages of equal or higher level (`info`, `warning`, and `error`).
+Defines which operation log messages will be logged according to its priority, e.g. a value of `info` will log messages of equal or higher level (`info`, `warning`, and `error`).
The priority levels, from higher to lowest, are:
- `error`
- `info`
- `debug`
-Read more at [Logging > Log level](logging.html#log-level).
+Read more at [Logging](logging.html) and at [Logging > Configuration > Level](logging.html#level).
### `--log.output`
- **Availability:** `argv` and JSON
- **Default:** `console`
-Desired output where the logs will be printed.
+Desired output where the operation logs will be printed.
The value `console` will log messages at standard output and standard error; `syslog` will log to [Syslog](https://en.wikipedia.org/wiki/Syslog).
-Read more at [Logging > Log output](logging.html#log-output).
+Read more at [Logging](logging.html) and at [Logging > Configuration > Output](logging.html#output).
### `--log.color-output`
-- **Type:** None
+- **Type:** Boolean (`true`, `false`)
- **Availability:** `argv` and JSON
+- **Default:** `false`
-If enabled, the logging output will contain ANSI color codes. Meant for human consumption:
+If enabled, the operation logs output will contain ANSI color codes. Meant for human consumption, and meaningful only if [`--log.output`](#--logoutput) is `console`.
-<pre><code class="terminal">$ {{ page.command }} --color-output (...)
-<span style="color:cyan">DBG: Manifest '62gPOPXWxxu0sQa4vQZYUBLaMbY.mft' {</span>
-<span style="color:lightgray">INF: Configuration {</span>
-<span style="color:orange">WRN: H2jRmyC2M.mft: The signature algorithm has parameters.</span>
-<span style="color:red">ERR: H2jRmyC2M.mft: Certificate validation failed: certificate has expired</span>
-<span style="color:magenta">CRT: Programming error: Array size is 1 but array is NULL.</span>
-</code></pre>
-
-At present, this flag only affects if [`--log.output`](#--logoutput) is `console`. Color codes are not sent to `syslog`, regardless of this flag.
+Read more at [Logging](logging.html) and at [Logging > Configuration > Color output](logging.html#color-output).
### `--log.file-name-format`
- **Availability:** `argv` and JSON
- **Default:** `global-url`
-Decides which version of file names should be printed during most debug/error messages.
+Decides which version of file names should be printed during most debug/error messages at the operation logs.
-- `global-url`: Prints the global name of the file; the URL that can be used to download it. (Always starts with `rsync://`.)
-- `local-path`: Prints a path that points to the local cached version of the file. (Always starts with [`--local-repository`](#--local-repository)'s value.)
-- `file-name`: Strips prefixes, leaving only the base name of the file (including extension).
+Read more at [Logging](logging.html) and at [Logging > Configuration > File name format](logging.html#file-name-format).
-Suppose a certificate was downloaded from `rsync://rpki.example.com/foo/bar/baz.cer` into the local cache `repository/`:
+### `--log.facility`
-- `global-url`: Will print the certificate's name as `rsync://rpki.example.com/foo/bar/baz.cer`.
-- `local-path`: Will print the certificate's name as `repository/rpki.example.com/foo/bar/baz.cer`.
-- `file-name`: Will print the certificate's name as `baz.cer`.
+- **Type:** Enumeration (`auth`, `authpriv`, `cron`, `daemon`, `ftp`, `lpr`, `mail`, `news`, `user`, `uucp`, from `local0` to `local7`)
+- **Availability:** `argv` and JSON
+- **Default:** `daemon`
-{% highlight bash %}
-$ {{ page.command }} --log.file-name-format global-url --local-repository repository/ (...)
-ERR: rsync://rpki.example.com/foo/bar/baz.cer: Certificate validation failed: certificate has expired
+Syslog facility utilized for operation logs (meaningful only if [`--log.output`](#--logoutput) is `syslog`).
-$ {{ page.command }} --log.file-name-format local-path --local-repository repository/ (...)
-ERR: repository/rpki.example.com/foo/bar/baz.cer: Certificate validation failed: certificate has expired
+Read more at [Logging](logging.html) and at [Logging > Configuration > Facility](logging.html#facility).
-$ {{ page.command }} --log.file-name-format file-name --local-repository repository/ (...)
-ERR: baz.cer: Certificate validation failed: certificate has expired
-{% endhighlight %}
+### `--log.prefix`
+
+- **Type:** String
+- **Availability:** `argv` and JSON
+- **Default:** `NULL`
+
+Text prefix that will be added to the operation log messages (it will appear inside square brackets).
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Prefix](logging.html#prefix).
+
+### `--validation-log.enabled`
+
+- **Type:** Boolean (`true`, `false`)
+- **Availability:** `argv` and JSON
+- **Default:** `false`
+
+Enables the validation logs.
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Enabled](logging.html#enabled).
+
+### `--validation-log.level`
+
+- **Type:** Enumeration (`error`, `warning`, `info`, `debug`)
+- **Availability:** `argv` and JSON
+- **Default:** `warning`
+
+Defines which validation log messages will be logged according to its priority, e.g. a value of `info` will log messages of equal or higher level (`info`, `warning`, and `error`).
+
+The priority levels, from higher to lowest, are:
+- `error`
+- `warning`
+- `info`
+- `debug`
-This flag affects any of the log output configured at [`--log.output`](#--logoutput) (`syslog` and `console`).
+Read more at [Logging](logging.html) and at [Logging > Configuration > Level](logging.html#level).
+
+### `--validation-log.output`
+
+- **Type:** Enumeration (`syslog`, `console`)
+- **Availability:** `argv` and JSON
+- **Default:** `console`
+
+Desired output where the validation logs will be printed.
+
+The value `console` will log messages at standard output and standard error; `syslog` will log to [Syslog](https://en.wikipedia.org/wiki/Syslog).
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Output](logging.html#output).
+
+### `--validation-log.color-output`
+
+- **Type:** Boolean (`true`, `false`)
+- **Availability:** `argv` and JSON
+- **Default:** `false`
+
+If enabled, the validation logs output will contain ANSI color codes. Meant for human consumption, and meaningful only if [`--validation-log.output`](#--validation-logoutput) is `console`.
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Color output](logging.html#color-output).
+
+### `--validation-log.file-name-format`
+
+- **Type:** Enumeration (`global-url`, `local-path`, `file-name`)
+- **Availability:** `argv` and JSON
+- **Default:** `global-url`
+
+Decides which version of file names should be printed during most debug/error messages at the operation logs.
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > File name format](logging.html#file-name-format).
+
+### `--validation-log.facility`
+
+- **Type:** Enumeration (`auth`, `authpriv`, `cron`, `daemon`, `ftp`, `lpr`, `mail`, `news`, `user`, `uucp`, from `local0` to `local7`)
+- **Availability:** `argv` and JSON
+- **Default:** `daemon`
+
+Syslog facility utilized for validation logs (meaningful only if [`--validation-log.output`](#--validation-logoutput) is `syslog`).
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Facility](logging.html#facility).
+
+### `--validation-log.prefix`
+
+- **Type:** String
+- **Availability:** `argv` and JSON
+- **Default:** `Validation`
+
+Text prefix that will be added to the validation log messages (it will appear inside square brackets).
+
+Read more at [Logging](logging.html) and at [Logging > Configuration > Prefix](logging.html#prefix).
### `--http.user-agent`
{
"name": "incid-obj-not-der-encoded",
"action": "ignore"
+ },
+ {
+ "name": "incid-file-at-mft-not-found",
+ "action": "error"
+ },
+ {
+ "name": "incid-file-at-mft-hash-not-match",
+ "action": "error"
}
],
},
"slurm": "/tmp/fort/",
"log": {
+ "enable": true,
"level": "warning",
"output": "console",
"color-output": false,
- "file-name-format": "global-url"
+ "file-name-format": "global-url",
+ "facility": "daemon"
+ },
+ "validation-log": {
+ "enable": false,
+ "level": "warning",
+ "output": "console",
+ "color-output": false,
+ "file-name-format": "global-url",
+ "facility": "daemon",
+ "prefix": "[Validation]"
},
"http": {
"user-agent": "fort/1.3.0",
-.TH fort 8 "2020-02-07" "v1.3.0" "FORT validator"
+.TH fort 8 "2020-05-21" "v1.3.0" "FORT validator"
.SH NAME
fort \- RPKI certificate path validator and RTR server
.RE
.P
+.B \-\-log.enabled=\fItrue\fR|\fIfalse\fR
+.RS 4
+Enables the operation logs.
+.P
+By default, it has a value of \fItrue\fR (these logs are enabled).
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
.BR \-\-log.level=(\fIerror\fR|\fIwarning\fR|\fIinfo\fR|\fIdebug\fR)
.RS 4
-Defines which messages will be logged according to its priority, e.g. a value
-of \fIinfo\fR will log messages of equal or higher level (\fIinfo\fR,
-\fIwarning\fR, and \fIerror\fR).
+Defines which operation log messages will be logged according to its priority,
+e.g. a value of \fIinfo\fR will log messages of equal or higher level
+(\fIinfo\fR, \fIwarning\fR, and \fIerror\fR).
.P
The priority levels, from higher to lowest, are:
.RS 4
.RE
.P
By default, it has a value of \fIwarning\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
.RE
.P
.BR \-\-log.output=(\fIsyslog\fR|\fIconsole\fR)
.RS 4
-Desired output where the logs will be printed.
+Desired output where the operation logs will be printed.
.P
The value \fIconsole\fR will log messages at standard output and standard error;
\fIsyslog\fR will log to syslog.
.P
By default, it has a value of \fIconsole\fR.
.P
-More information about Logging can be consulted at FORT's web docs.
+Read more about logs at FORT validator's web docs, module 'Logging'.
.RE
.P
-.BR \-c ", " \-\-log.color-output
+.BR \-c ", " \-\-log.color-output=\fItrue\fR|\fIfalse\fR
.RS 4
-If enabled, the logging output will contain ANSI color codes. Meant for human
-consumption.
+If enabled, the operation logs output will contain ANSI color codes. Meant for
+human consumption.
.P
Meaningful only if \fI--log.output\fR value is \fIconsole\fR.
+.P
+By default, it has a value of \fIfalse\fR (it's disabled).
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.B \-\-log.file-name-format=(\fIglobal-url\fR | \fIlocal-path\fR |
+.B \fIfile-name\fR)
+.RS 4
+Decides which version of file names should be printed during most debug/error
+messages at the operation logs.
+.P
+Suppose a certificate was downloaded from
+`rsync://rpki.example.com/foo/bar/baz.cer` into the local cache `repository/`:
+.P
+.I global-url
+.RS 4
+Will print the certificate's name as `rsync://rpki.example.com/foo/bar/baz.cer`.
+.RE
+.P
+.I local-path
+.RS 4
+Will print the certificate's name as
+`repository/rpki.example.com/foo/bar/baz.cer`.
+.RE
+.P
+.I file-name
+.RS 4
+Will print the certificate's name as `baz.cer`.
+.RE
+.P
+By default, it has a value of \fIglobal-url\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.B \-\-log.facility=(\fIauth\fR | \fIauthpriv\fR | \fIcron\fR | \fIdaemon\fR |
+\fIftp\fR | \fIlpr\fR | \fImail\fR | \fInews\fR | \fIuser\fR | \fIuucp\fR |
+from \fIlocal0\fR to \fIlocal7\fR)
+.RS 4
+Syslog facility utilized for operation logs (meaningful only if
+\fI--log.output\fR is \fIsyslog\fR).
+.P
+By default, it has a value of \fIdaemon\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.B \-\-log.prefix=\fISTRING\fR
+.RS 4
+Text prefix that will be added to the operation log messages (it will appear
+inside square brackets).
+.P
+By default, it has a NULL value.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.B \-\-validation-log.enabled=\fItrue\fR|\fIfalse\fR
+.RS 4
+Enables the validation logs.
+.P
+By default, it has a value of \fIfalse\fR (these logs are disabled).
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.BR \-\-validation-log.level=(\fIerror\fR|\fIwarning\fR|\fIinfo\fR|\fIdebug\fR)
+.RS 4
+Defines which validation log messages will be logged according to its priority,
+e.g. a value of \fIinfo\fR will log messages of equal or higher level
+(\fIinfo\fR, \fIwarning\fR, and \fIerror\fR).
+.P
+The priority levels, from higher to lowest, are:
+.RS 4
+.br
+- \fIerror\fR
+.br
+- \fIwarning\fR
+.br
+- \fIinfo\fR
+.br
+- \fIdebug\fR
+.RE
+.P
+By default, it has a value of \fIwarning\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.BR \-\-validation-log.output=(\fIsyslog\fR|\fIconsole\fR)
+.RS 4
+Desired output where the validation logs will be printed.
+.P
+The value \fIconsole\fR will log messages at standard output and standard error;
+\fIsyslog\fR will log to syslog.
+.P
+Depending on the OS, distinct implementations of syslog could be installed
+(syslog, rsyslog, or syslog-ng are the most common ones). Syslog usage and
+configuration is out of this man scope.
+.P
+By default, it has a value of \fIconsole\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.BR \-c ", " \-\-validation-log.color-output=\fItrue\fR|\fIfalse\fR
+.RS 4
+If enabled, the validation logs output will contain ANSI color codes. Meant for
+human consumption.
+.P
+Meaningful only if \fI--validation-log.output\fR value is \fIconsole\fR.
+.P
+By default, it has a value of \fIfalse\fR (it's disabled).
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
.RE
.P
-.B \-\-log.file-name-format=(\fIglobal-url\fR|\fIlocal-path\fR|\fIfile-name\fR)
+.B \-\-validation-log.file-name-format=(\fIglobal-url\fR | \fIlocal-path\fR |
+.B \fIfile-name\fR)
.RS 4
Decides which version of file names should be printed during most debug/error
-messages.
+messages at the validation logs.
.P
Suppose a certificate was downloaded from
`rsync://rpki.example.com/foo/bar/baz.cer` into the local cache `repository/`:
Will print the certificate's name as `baz.cer`.
.RE
.P
+By default, it has a value of \fIglobal-url\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
.RE
+.P
+
+.B \-\-validation-log.facility=(\fIauth\fR | \fIauthpriv\fR | \fIcron\fR |
+\fIdaemon\fR | \fIftp\fR | \fIlpr\fR | \fImail\fR | \fInews\fR | \fIuser\fR |
+\fIuucp\fR | from \fIlocal0\fR to \fIlocal7\fR)
+.RS 4
+Syslog facility utilized for validation logs (meaningful only if
+\fI--validation-log.output\fR is \fIsyslog\fR).
+.P
+By default, it has a value of \fIdaemon\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
+
+.B \-\-validation-log.prefix=\fISTRING\fR
+.RS 4
+Text prefix that will be added to the validation log messages (it will appear
+inside square brackets).
+.P
+By default, it has the value \fIValidation\fR.
+.P
+Read more about logs at FORT validator's web docs, module 'Logging'.
+.RE
+.P
.BR \-\-http.user\-agent=\fISTRING\fR
.RS 4
}
},
"log": {
+ "enabled": true,
+ "level": "warning",
+ "output": "console",
+ "color-output": true,
+ "file-name-format": "local-path",
+ "facility": "daemon",
+ "prefix": "Operation"
+ },
+ "validation-log": {
+ "enabled": false,
"level": "warning",
"output": "console",
"color-output": true,
- "file-name-format": "local-path"
+ "file-name-format": "local-path",
+ "facility": "daemon",
+ "prefix": "Validation"
},
"http": {
"user-agent": "fort/1.3.0",
{
"name": "incid-obj-not-der-encoded",
"action": "ignore"
+ },
+ {
+ "name": "incid-file-at-mft-not-found",
+ "action": "error"
+ },
+ {
+ "name": "incid-file-at-mft-hash-not-match",
+ "action": "error"
}
],
"output": {
projects / thirdparty / FORT-validator.git / commitdiff
