1

We are using IdentityServer4 and sending logs to SumoLogic. We are pushing the logs from IdentityServer to sumoLogic via SerilLog and SumoLogic treats each log entry as a separate message. So whats happening is basically one error is getting reported as two or more different messages:

Log entry1: 2017-09-11 16:06:28.234 +10:00 [Information] Request finished in 2265.5543ms 400 application/json

Log entry2: 2017-09-11 16:06:28.230 +10:00 [Debug] Connection id ""0HL7ORC9RFJ8C"" completed keep alive response.

Log entry3: 2017-09-11 16:06:28.209 +10:00 [Error] "{ \"ClientId\": \"roclient.reference\", \"GrantType\": \"password\", \"Raw\": { \"grant_type\": \"password\", \"username\": \"BobSmith@email.com\", \"password\": \"REDACTED\", \"scope\": \"api1 api2.read_only\" } }"

Log entry4: 2017-09-11 16:06:28.189 +10:00 [Error] Requested scope not allowed: "api1" ; ApiScope not found: ""

Log entry5: 2017-09-11 16:06:28.180 +10:00 [Debug] Found "" API scopes in database

But our reporting facility is SumoLogic which treats each entry as single-one and each entry when extracted doesn’t give full information and what I want to know is the way how we can combine these sequential messages to one.

Is there anything that we can do as on IdentityServer4/Sumologic/SeriLog.

Thanks, Neha

Michael Freidgeim
  • 26,542
  • 16
  • 152
  • 170
Neha
  • 11
  • 1

1 Answers1

0

I would try changing the output of SeriLog to JSON, see this link: https://github.com/serilog/serilog/wiki/Formatting-Output

Log.Logger = new LoggerConfiguration()
    .WriteTo.File(new JsonFormatter(), "log.txt")
    .CreateLogger();

Let me know if this works for you.

gigawatts
  • 319
  • 2
  • 5
  • 15