Centralized Logs in HA Environment

Owned by Eliezer Basner (Unlicensed)
Last updated: Jul 07, 2022

To maintain logs on a centralized place for HA Environments for different components such as Portal, Web Service, REST API, Jobs Manager, Scans Manager, System Manager, Access Control, etc, please follow the steps indicated below:

  1. Create a shared folder as your centralized logs folder.

  2. Open SQL Server Management (or other management tool) and update the table CxComponentConfiguration for the CentralizedLogsPath key with the value being the shared path selected, by using the following SQL query:

    UPDATE CxDB.[dbo].[CxComponentConfiguration] SET Value = '\\<HOST>\CxCentralizedLogs\Logs' WHERE [key] = ‘CentralizedLogsPath'

Example:

UPDATE CxDB.[dbo].[CxComponentConfiguration] SET Value= '\\172.16.10.141\CxCentralizedLogs\Logs' WHERE [key] ='CentralizedLogsPath’

3. Open each component log configuration file in the installation folder as given in column Configuration FilePath on the table below and update the paths location for each component to the shared folder selected.

Component

Configuration FilePath

Component

Configuration FilePath

Web Portal

Filename:

<Checkmarx Installation Path>\CheckmarxWebPortal\Web\log4net.config

Example -

Web Service

Filename:

<Checkmarx Installation Path>\Checkmarx Web Services\CxWebInterface\bin\WebServices.logging.config.json

Example -

Rest API

Filename:

<Checkmarx Installation Path>\Checkmarx Web RestAPI\CxRestAPI\bin\WebAPIHost.logging.config.json

Example:

Jobs Manager

Filename:

<Checkmarx Installation Path>\Checkmarx Jobs Manager\bin\JobsManager.logging.config.json

Example -

Scans Manager

Filename:

<Checkmarx Installation Path>\Checkmarx Scans Manager\bin\ScansManager.logging.config.json

Example:

System Manager

Filename:

<Checkmarx Installation Path>\Checkmarx System Manager\bin\SystemManager.logging.config.json

Example:

Access Control

Filename:

<Checkmarx Installation Path>\Checkmarx Access Control\appsettings.json

Example:

 

Engine Service

  • Open Command prompt and update log path using the command below:

setx CX_ES_LOGS_PATH "\<Centralized Log Path>" -m

Example:

setx CX_ES_LOGS_PATH "\\172.16.10.141\CxCentralizedLogs\Logs" -m

  • Limitations of centralized logs path:

    • We cannot use single backslash(\) in log path for configuration files like C:\CxCentralizedLogs\Logs.

    • Logpath should be in following format

      • C:\\CxCentralizedLogs\\Logs

      • C:/CxCentralizedLogs/Logs

      • \\\\172.16.10.141\\CxCentralizedLogs\\Logs\\

4. After updating each component log path restart all services so changes are applied accordingly

Please refer to the following steps when you want to use a SHARED FOLDER path for log path.

  • Go to services.msc (on the VM the CxSAST is installed and not the shared one) and right click all the Cx services you need to restart in order to have the log path changes reflected.

  • Navigate to Properties

  • On the Log On tab, add Administrator and its valid password. Click Apply.

     

Also, you will need to make some changes in the IIS Manager.

  • Right click CxPool> Advanced Settings

In Identity field, Add Administrator as the user along with its valid password.