Shibboleth Developers

["Cantor, Scott E." <>]

On 2/8/11 4:59 PM, "Chad La Joie" 
<>
 wrote:
>I agree with pretty much all of that.  One question I have though is
>what you think you'd use the user-agent for?

We've had that come up here occasionally actually. It seems to be the case
that you want as much as you can get in the audit log (which unless I do a
separate "request" log is sort of also a "SAML request/response log") to
correlate to activity on various servers.

>I'd also suggest adding a field that indicates whether the request
>errored out somehow (as far as the SP is concerned).  The error itself
>can still be in the normal shibd log, but just a T/F indicator in the
>audit log would help with reporting.

I think that expands the potential scope of the log, but in a necessary
way I suspect.

If people haven't noticed, the 2.4 logging config has a mirrored log file
for WARN messages and above. Somewhat related.

-- Scott