Monitoring

This section describes the log format of Haventec dockers, and proposes some monitoring dashboards that on-premise installation could create.

Logs format

Each request will generate one log at entry (action=REQ_ENTER), one at exit (action=REQ_EXIT) and optionally several others in between.

All the logs from a single transaction will have the same value at the field correlationId. The request could provide that value as a header parameter X-Correlation-Id, if it's not present it will receive a random UUID.

Example of an entry log line:


    {
      "timestamp": "2019-08-20T04:50:28.253Z",
      "version": "1",
      "message": "action=REQ_ENTER uri=/authenticate/v1-2/authentication/login, requestContentType=application/json, requestLocale=en_US, clientIP=127.0.0.1, method=POST, protocol=HTTP/1.0, requestParameters=[]",
      "logger_name": "com.haventec.authenticate.spring.LoggingFilterConfig",
      "thread_name": "http-nio-8080-exec-1",
      "level": "INFO",
      "level_value": 20000,
      "applicationUuid": "1ca851c3-566e-41a4-bcf3-13695c82b2a9",
      "correlationId": "05507ef4-7376-4589-8d44-267edf039565",
      "uri": "/authenticate/v1-2/authentication/login"
    }
    

Example of a logic log line between the entry and exit point


    {
    "timestamp": "2019-08-20T04:50:29.367Z",
    "version": "1",
    "message": "loginDevice - Device login authenticated, deviceUuid=48fd33cd-8262-430e-9b81-ecc6c74c063b, successfulLoginCounter=1 ",
    "logger_name": "com.haventec.authenticate.services.AuthenticateEngine",
    "thread_name": "http-nio-8080-exec-1",
    "level": "INFO",
    "level_value": 20000,
    "userUuid": "3e559367-4aa3-4eaf-a73f-7e0e43b842fd",
    "deviceUuid": "48fd33cd-8262-430e-9b81-ecc6c74c063b",
    "applicationUuid": "1ca851c3-566e-41a4-bcf3-13695c82b2a9",
    "correlationId": "05507ef4-7376-4589-8d44-267edf039565",
    "uri": "/authenticate/v1-2/authentication/login"
    }
    

Example of an exit log line:


    {
    "timestamp": "2019-08-20T04:50:29.985Z",
    "version": "1",
    "message": "action=REQ_EXIT, uri=/authenticate/v1-2/authentication/login, statusCode=200, responseContentType=application/json;charset=UTF-8, responseLocale=en_US, applicationUuid=1ca851c3-566e-41a4-bcf3-13695c82b2a9, requestorUserUuid=3e559367-4aa3-4eaf-a73f-7e0e43b842fd, requestorDeviceUuid=48fd33cd-8262-430e-9b81-ecc6c74c063b ",
    "logger_name": "com.haventec.authenticate.spring.LoggingFilterConfig",
    "thread_name": "http-nio-8080-exec-1",
    "level": "INFO",
    "level_value": 20000,
    "userUuid": "3e559367-4aa3-4eaf-a73f-7e0e43b842fd",
    "deviceUuid": "48fd33cd-8262-430e-9b81-ecc6c74c063b",
    "applicationUuid": "1ca851c3-566e-41a4-bcf3-13695c82b2a9",
    "correlationId": "05507ef4-7376-4589-8d44-267edf039565",
    "uri": "/authenticate/v1-2/authentication/login",
    "statusCode": "200"
    }
    

Monitor ERROR and WARN

We recommend to monitor and analyse any log line with a level of WARN or higher

  • ERROR: There has been a system error that may require further assistance. In our SAAS, if there is an ERROR, Haventec support will receive a notification to investigate immediately and inform any customer affected.

  • WARN: Something unexpected happened and it requires investigation.

Kibana query example

Visualization Query
ERROR product:anbe AND level:ERROR AND correlationId:*
WARN product:anbe AND level:WARN AND correlationId:*

We recommend creating alarms in the case of ERROR logs in order to inform your support or infrastructure team. Please also contact Haventec support to help you investigate.

There is currently some lines with ERROR and WARN that can be ignored due to false positives:

  • ERROR and WARN logs that don't contain a correlationId can be ignored.

  • The following WARN log can also be ignored

    
        {
        "timestamp": "2019-08-20T04:50:51.686Z",
        "version": "1",
        "message": "validateConnectorOwner - Security threat.  ErrorCode=AN-VALI-1054, Message=Action not permitted on this connector",
        "logger_name": "com.haventec.authenticate.services.helpers.ServicesValidators",
        "thread_name": "http-nio-8080-exec-2",
        "level": "WARN",
        "level_value": 30000,
        "userUuid": "3e559367-4aa3-4eaf-a73f-7e0e43b842fd",
        "deviceUuid": "48fd33cd-8262-430e-9b81-ecc6c74c063b",
        "applicationUuid": "1ca851c3-566e-41a4-bcf3-13695c82b2a9",
        "correlationId": "5b88d559-2399-4309-9b0f-6e088076c2a0"
        }
                

Monitor API calls

We recommend monitoring successful and failed transactions per API. This information resides on the exit log lines (action=REQ_EXIT) and contains 4 interesting parameters.

Parameter Description
uri API URI invoked by the HTTP request
statusCode HTTP status code. Successful transactions will be 200 or 302, all other will be failure transactions.
level If the level of the log is INFO, the failure is not a system error and therefore it doesn't have to be investigate. It would be interested to analyse them only to understand the UX.
errorCode Error code generated by Authenticate that your application needs to handle. The analysis of error codes per API could give us interesting insides about how customers are using your application and could help you improve the user experience.
errorMessage Human readable description of the error.

Example of a successful transaction towards the login API


    {
    "timestamp": "2019-08-20T04:50:29.985Z",
    "version": "1",
    "message": "action=REQ_EXIT, uri=/authenticate/v1-2/authentication/login, statusCode=200, responseContentType=application/json;charset=UTF-8, responseLocale=en_US, applicationUuid=1ca851c3-566e-41a4-bcf3-13695c82b2a9, requestorUserUuid=3e559367-4aa3-4eaf-a73f-7e0e43b842fd, requestorDeviceUuid=48fd33cd-8262-430e-9b81-ecc6c74c063b ",
    "logger_name": "com.haventec.authenticate.spring.LoggingFilterConfig",
    "thread_name": "http-nio-8080-exec-1",
    "level": "INFO",
    "level_value": 20000,
    "userUuid": "3e559367-4aa3-4eaf-a73f-7e0e43b842fd",
    "deviceUuid": "48fd33cd-8262-430e-9b81-ecc6c74c063b",
    "applicationUuid": "1ca851c3-566e-41a4-bcf3-13695c82b2a9",
    "correlationId": "05507ef4-7376-4589-8d44-267edf039565",
    "uri": "/authenticate/v1-2/authentication/login",
    "statusCode": "200"
    }
    

Example of a failure transaction towards the login API


    {
    "timestamp": "2019-08-24T14:05:48.993Z",
    "version": "1",
    "message": "action=REQ_EXIT, uri=/authenticate/v1-2/authentication/login, statusCode=401, responseContentType=application/json;charset=UTF-8, responseLocale=en_US, applicationUuid=bf36094e-3cd9-4475-bbab-719574f8e3cd, requestorDeviceUuid=57d7f49d-7126-4629-bbbf-075d67d20884, errorCode=AN-AUTH-1006, errorDescription=\"Authentication failed\" ",
    "logger_name": "com.haventec.authenticate.spring.LoggingFilterConfig",
    "thread_name": "http-nio-8080-exec-8",
    "level": "INFO",
    "level_value": 20000,
    "errorMessage": "Authentication failed",
    "deviceUuid": "57d7f49d-7126-4629-bbbf-075d67d20884",
    "applicationUuid": "bf36094e-3cd9-4475-bbab-719574f8e3cd",
    "correlationId": "cb84e8ff-b879-42f5-9461-030afeb3a8fa",
    "errorCode": "AN-AUTH-1006",
    "uri": "/authenticate/v1-2/authentication/login",
    "statusCode": "401"
    }
    

Monitor error codes

We recommend to monitor the following error codes:

Error code Description Why is it important?
AN-OPID-1000 Expired OAuth Authorization code There is no JWT linked to the provided OAUTH code and need to be investigated
AN-HENG-1001 Wrong authKey User's device got out of synchronisation and cannot log in, user needs to register a new one
AN-AUTH-1005 Authentication failed, your device is now locked Too many login failures locked the device. Users will need to register a new one
AN-HENG-1004 Device is locked Too many login failures locked the device. Users will need to register a new one
AN-AUTH-1025 You have reached the maximum attempts to reset PIN. You are blocked from resetting your PIN, Please try again later It won't allow users to reset the PIN in 24 hours