Suggest DEBUG level logging instead for SAML #74661
Conversation
ppf2
added
>docs
elasticmachine
added
Team:Docs
|
Pinging @elastic/es-docs (Team:Docs) |
|
Pinging @elastic/es-security (Team:Security) |
elasticsearchmachine
added
v8.0.0
external-contributor
There was a problem hiding this comment.
I think we should link to https://www.elastic.co/guide/en/elasticsearch/reference/current/logging.html#configuring-logging-levels to add context about configuring loggers in general too.
| ---------------- | ||
|
|
||
| See <<configuring-logging-levels,configuring logging levels>> for more information. |
There was a problem hiding this comment.
@DaveCTurner Hope this is the right syntax for proper linking 😄
|
@elasticmachine update branch |
| @@ -698,29 +698,30 @@ the `basic` `authProvider` in {kib}. The process is documented in the | |||
|
|
|||
| *Logging:* | |||
|
|
|||
| Very detailed trace logging can be enabled specifically for the SAML realm by | |||
| Very detailed debug logging can be enabled specifically for the SAML realm by | |||
There was a problem hiding this comment.
| Very detailed debug logging can be enabled specifically for the SAML realm by | |
| If the issue you encounter is not covered in the list above, it might be helpful to enable additional logging for the SAML realm to further troubleshoot the issue. You can enable debug logging by |
There was a problem hiding this comment.
Thanks for this suggestion @jkakavas -- I incorporated a version of that text into my changes.
|
Is someone taking care of getting this PR merged & backported? @lcawl / @lockewritesdocs are either of you able to run with it? |
|
@elasticmachine update branch |
I'll pick this one up -- thanks for the ping @tvernum! |
|
@elasticmachine update branch |
|
@DaveCTurner, does this change also apply to 7.13 and 7.14? If so, I'll add the labels and backport appropriately. |
lockewritesdocs
added
the
auto-backport
|
I think so, but I don't keep on top of changes in this area so would like someone from @elastic/es-security to confirm. |
|
Yes, let's backport all the way to 7.13 |
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]> Co-authored-by: Pius <[email protected]> Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]> Co-authored-by: Pius <[email protected]> Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
* Suggest DEBUG level logging instead for SAML * Update troubleshooting.asciidoc * Incorporate reviewer feedback Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]> Co-authored-by: Pius <[email protected]> Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Adam Locke <[email protected]>
Per @DaveCTurner 's discussion with the security team, we believe that DEBUG logging will be sufficient for most cases for SAML troubleshooting. TRACE is only necessary if we believe there's a bug in the implementation. This PR updates the documentation to suggest DEBUG logging instead of TRACE. Thx!