Skip to main content

Configure Logging in Tomcat

Hands-On Lab

 

Photo of

Training Architect

Length

00:30:00

Difficulty

Intermediate

Welcome to this hands-on lab, where we'll configure logging in Tomcat.

We are using Apache's Tomcat, a Java-based application platform built around deploying and managing Java Web Applications. The server provided in this lab environment is running Red Hat Enterprise 8 and has Tomcat 9 pre-installed for you. The Tomcat instance is available on port 8080.

You will log into the server and ensure that logging is enabled and operational, and that logs are going to the correct location.

You will check that accessing the Manager App in the GUI is logging to the correct log files.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Configure Logging in Tomcat

Introduction

Welcome to this hands-on lab, where we'll configure logging in Tomcat.

We are using Apache's Tomcat, a Java-based application platform built around deploying and managing Java Web Applications. The server provided in this lab environment is running Red Hat Enterprise 8 and has Tomcat 9 pre-installed for you. The Tomcat instance is available on port 8080.

You will log into the server and ensure that logging is enabled and operational, and that logs are going to the correct location.

You will check that accessing the Manager App in the GUI is logging to the correct log files.

The Scenario

You have been tasked with enabling the logging for the Tomcat Manager Application. Someone noticed that logs recording users signing into the application were not showing up in the correct place.

Automated tools that capture the logs should be putting them in /usr/local/tomcat9/logs. If logs go anywhere else, that needs to be resolved, because it is both a security and an audit issue.

Performing all of the tasks that are laid out will accomplish this. A successful hands-on lab will have you able to see that when you access pages on the Tomcat Manager App via the GUI, the access is being logged into the correct log file under /usr/local/tomcat9/logs.

Note: It may take 3 to 10 minutes after the hands-on lab has started before you are able to log into the server. This is fine and will not affect the performance of the tasks for the hands-on lab.

Logging In

Use the credentials provided on the hands-on lab page, and log in to the provided server as cloud_user. Note that this is for connecting to the server and also to the Tomcat GUI.

Test to Ensure You Can Access the Preconfigured Tomcat Instances on Port 8080

Connect to the Tomcat GUI in a web browser by visiting the server's public IP address on port 8080. For example, if the server's IP address was 3.92.152.3, then this is the URL you'd type into the browser:

http://3.92.152.3:8080

You should see the Tomcat GUI.

Examine the logging.properties File and Check for Any Incorrect Entries

Log into the server via SSH. We'll want root privileges right away, so get them with this command:

sudo su -

Now get into our Tomcat installation's folder:

cd /usr/local/tomcat9/

Run a quick ll command to see what's here. Something looks funny. We've got a logs directory, but we've also got a loogs directory. If we run ll logs and ll loogs, we'll see that the loogs directory is the one receiving logs. There's probably a typo somewhere in our configuration.

Fix Any Incorrect Entries in the logging.properties File

Edit the logging.properties file:

vim conf/logging.properties

Go down to the Handler specific properties section, and we can see the errors. There are four spots that read ${catalina.base}/loogs, and we need to change all of those to ${catalina.base}/logs. Once those edits are made, save and exit the file.

When we're back out at the command line, we can restart Tomcat so that the changes take effect:

systemctl restart tomcat

Test to Make Sure Your Tomcat Server Is Logging Correctly

Remove the misspelled directory:

rm -rf loogs

Refresh the browser page we had open to the Tomcat GUI, and click on Manager App. Log in with the same credentials we used for SSH.

Now, back in our terminal, run the ll command again, to make sure loogs didn't reappear. Run ll logs/, and we should see that all of the logs are in there now.

Conclusion

One little o in a configuration file can make quite a difference. But we've fixed things. Congratulations on completing this hands-on lab!