FIXEdge logs format

Owned by Andrei Bakhteev (Unlicensed)
Last updated: Nov 01, 2021 by AntonA (Unlicensed)
3 min read

Format of log entries in the log file

FIXEdge logs have its own format that could be configured in FIXEdge.properties:

Log.File.Format = %date{ISO8601} %timezone   %level%tablevel   [%logger]  %thread  %message

Where:

  • %level - prints severity level of the log record. List of possible levels:

Level

Definition

TRACE

Most detailed information.  Should be used very sparingly. 

DEBUG

Detailed information on the flow through the system.  This log level should never be used in customer-facing environments, but many applications will log debug-level information for troubleshooting purposes

INFO

Interesting runtime events (startup/shutdown). Expect these to be immediately visible on a console, so be conservative and keep to a minimum.  This log level contains informational details and is typically not going to be acted upon by Operations

WARN

Use of deprecated APIs, poor usage of API, 'almost' errors, other runtime situations that are undesirable or unexpected, but not necessarily "wrong".  This log level contains details that can be important but is typically not going to be acted upon by Operations. Some WARN level log items may be escalated if thresholds are met

ERROR

Other runtime errors or unexpected conditions.  This log level contains important error details that must be escalated immediately to remediate failure. This should be as actionable and detailed as possible. Business-level information (e.g. “Customer login was incorrect”) should not be logged at this level, but rather at the WARN level with “BUSINESS ALERT” in the message because they are not application failures.

FATAL 

Severe errors that cause premature termination.  An extreme version of “ERROR”

  • %tablevel - prints extra spaces for vertical alignment of records after %level
  • %date{FIX} - prints date in 'YYYYMMDD-HH:MM:SS.sss' format
  • %date{ISO8601} - prints date in 'YYYY-MM-DD HH:MM:SS,sss' format
  • %date  - prints date in 'DD MMM YYYY HH:MM:SS,sss' format

  • %date{FIXus} - date in 'YYYYMMDD-HH:MM:SS.uuuuuu' format;

    Was introduced FIX Antenna 2.27.1

  • %date{FIXns} - date in 'YYYYMMDD-HH:MM:SS.nnnnnnnnn' format;

    Was introduced FIX Antenna 2.27.1

  • %date{ISO8601us} - date in 'YYYY-MM-DD HH:MM:SS,uuuuuu' format;

    Was introduced FIX Antenna 2.27.1

  • %date{ISO8601ns} - date in 'YYYY-MM-DD HH:MM:SS,nnnnnnnnn' format;

    It has been introduced FIX Antenna 2.27.1
  • %timezone - prints time zone abbreviation or name (setup TZ env variable to take abbreviation in windows) or 'UTC'
  • %logger - prints log category, component
  • %thread - prints thread id
  • %thread_name - prints a name of the thread
  • %message - prints a message

For more information please read the article: How to divide different categories and severities of log files into different files in the Logging section

Format of event entries for transfer to ArcSight

The log transfer to ArcSight is supported since FIXEdge version 6.7.0. Log entries format must satisfy the requirements of this system (e.g. CEF Format). The log format for transfer to ArcSight can be configured in FIXEdge.properties file and set using patterns. The following characters can be used in the pattern:

Conversion CharacterExample using

Effect

X

%X{msg}

Prints to output the value of a given runtime variable:

NameDescriptionExample
DateTimeUTCUniversal Coordinated Time (UTC)

follow standard ISO 8601 as pattern  yyyy-MM-dd'T'HH:mm:ss.SSSZ 

2015-01-22T14:40:38.928Z

DateTimeLocalUniversal Coordinated Time (UTC)

follow standard ISO 8601 as pattern  yyyy-MM-dd'T'HH:mm:ss.SSS±HH:MM

2015-01-22T08:40:38.928-06:00
msgThe message for AppFailed event
id

The number of the signal for AppSigTermDetected event


E

%E{ENV1}

Used to output the value of a given environment variable. The name of is supplied as an argument in brackets. The empty string will be used if the variable does exist.

For example, the pattern E{HOME} will output the contents of the HOME environment variable.

Also can be used Additional Environment Variables of FIXEdge:

NameDescriptionExample
.AppNameapplication nameFIXEdge
.AppVersionapplication version6.7.0
.AppRevisionapplication revision67
\%E\{ENV1}
%X\{msg}

adds backslash to the following symbols to comply with CEF Format:

input symboloutput
|\|
\\\
=\=

<newline character LF \n>

\n
<newline character CR \r>\r
example
\home\work\data
\= \\home\\work\\data
"%%"

Transforms the sequence of "%" symbols to a single percent sign %.

An example of setting the pattern for generating AppStarting event logs in CEF Format:

Pattern

Header

Header parts should be separated with "|" symbol

Extensions
TimestampCEF versionDevice vendorDevice ProductDevice Version

Device Event Class ID

NameSeverity


AppStarting event

%X{DateTimeMSUTC}

CEF:0

EPAM

FixEdge


%E\{.AppVersion}

AP01

application starting

INFO

cs1=APP-STARTING externalID=0

Pattern : %X{DateTimeMSUTC}|CEF:0|EPAM|FixEdge|%E\{.AppVersion}|AP01|application starting|INFO|cs1=APP-STARTING externalID=0

Example resulting message: 2018-08-28T10:22:38.254Z|CEF:0|EPAM|FixEdge|6.7.0|AP01|application starting|INFO|cs1=APP-STARTING externalID=0

For more information please read the articles: