Centralized Logs in HA Environment
To maintain logs on a centralized place for HA Environments for different components such as Portal, Web Service, REST API, Jobs Manager, Scans Manager, System Manager, Access Control, etc, please follow the steps indicated below:
Create a shared folder as your centralized logs folder.
Open SQL Server Management (or other management tool) and update the table CxComponentConfiguration for the CentralizedLogsPath key with the value being the shared path selected, by using the following SQL query:
UPDATE CxDB.[dbo].[CxComponentConfiguration] SET Value = '\\<HOST>\CxCentralizedLogs\Logs' WHERE [key] = ‘CentralizedLogsPath'
Example:
UPDATE CxDB.[dbo].[CxComponentConfiguration] SET Value= '\\172.16.10.141\CxCentralizedLogs\Logs' WHERE [key] ='CentralizedLogsPath’
3. Open each component log configuration file in the installation folder as given in column Configuration FilePath on the table below and update the paths location for each component to the shared folder selected.
Component | Configuration FilePath |
|---|---|
Web Portal | Filename: <Checkmarx Installation Path>\CheckmarxWebPortal\Web\log4net.config Example -  |
Web Service | Filename: <Checkmarx Installation Path>\Checkmarx Web Services\CxWebInterface\bin\WebServices.logging.config.json Example - |
Rest API | Filename: <Checkmarx Installation Path>\Checkmarx Web RestAPI\CxRestAPI\bin\WebAPIHost.logging.config.json Example: |
Jobs Manager | Filename: <Checkmarx Installation Path>\Checkmarx Jobs Manager\bin\JobsManager.logging.config.json Example - |
Scans Manager | Filename: <Checkmarx Installation Path>\Checkmarx Scans Manager\bin\ScansManager.logging.config.json Example: |
System Manager | Filename: <Checkmarx Installation Path>\Checkmarx System Manager\bin\SystemManager.logging.config.json Example: |
Access Control | Filename: <Checkmarx Installation Path>\Checkmarx Access Control\appsettings.json Example:
|
Engine Service |
setx CX_ES_LOGS_PATH "\<Centralized Log Path>" -mExample: |
Limitations of centralized logs path:
We cannot use single backslash(\) in log path for configuration files like C:\CxCentralizedLogs\Logs.
Logpath should be in following format
C:\\CxCentralizedLogs\\Logs
C:/CxCentralizedLogs/Logs
\\\\172.16.10.141\\CxCentralizedLogs\\Logs\\
4. After updating each component log path restart all services so changes are applied accordingly
Please refer to the following steps when you want to use a SHARED FOLDER path for log path.
Go to services.msc (on the VM the CxSAST is installed and not the shared one) and right click all the Cx services you need to restart in order to have the log path changes reflected.
Navigate to Properties
On the Log On tab, add Administrator and its valid password. Click Apply.
Also, you will need to make some changes in the IIS Manager.
Right click CxPool> Advanced Settings
In Identity field, Add Administrator as the user along with its valid password.