Showing results for 
Show  only  | Search instead for 
Did you mean: 

IdentityIQ 8.0: Changes to logging

IdentityIQ 8.0: Changes to logging

Back to the IdentityIQ 8.0 overview: What’s new in IdentityIQ 8.0




Version 8.0 of IdentityIQ uses version 2.11.1 of Log4j: Log4j2   This change adds new logging capabilities (specifically, change listening), and also means that there are changes to the the logging configuration file name, and to logging syntax.


Configuration File Name/Location

Previously, the log4j configuration file was  WEB-INF/classes/  This file is no longer shipped, and will not be referenced if present.

In IdentityIQ 8.0, the log4j2 configuration file is WEB-INF/classes/ (Note the digit 2 in the filename.)


Syntax of

Log4j2's syntax is different from log4j's. Previously in v1 in, the syntax was:


In version 2 in, you now declare using this syntax:



Notice the differences:

  • the log4j. prefix no longer used
  • 2 lines are required instead of 1
  • the logger identifier value (acmeExample) is not important, other than it is uniquely used to join the two lines together


In IdentityIQ 8.0, the previous have been fully converted into the new syntax in the file. You can refer to Apache's Log4j – Configuring Log4j 2 - Apache Log4j 2​  document for a full description of log4j2 configuration.


Examples of Logging Syntax for IdentityIQ

The file that is shipped with IdentityIQ version 8.0 includes statements for SailPoint loggers.Some are enabled by default and others provide commented-out statements; in these cases you can simply un-comment the statements that provides the logging you want. Here are some examples:


Hibernate Example



Aggregator Example



Sailpoint Connector Example



OpenConnector Example for Okta



Apache Commons Logging

As with previous releases, with version 8.0 it is recommended that classes which perform simple logging use org.apache.commons.logging. For example:


import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

private static Log log = LogFactory.getLog(MyClass.class);"printing message 1");


Change Listening

Listening for, and automatically enforcing, changes to the logging configuration is a new feature of log4j2. IdentityIQ's default declares a monitorInterval of 20 seconds, so changes will be enforced within 20 seconds of saving changes to

You can turn off change listening by setting the property monitorInterval to 0 in


Upgrade Considerations

As part of your upgrade to IdentityIQ version 8.0, you must edit the new file to reflect any customizations you may have made to your prior version of IdentityIQ. The sample logging statements in the file can help you with the log4j2 logging syntax.

Also, any rules that that use log4j logging may require updating, and verification that they are importing correctly. If there are tools, plugins, or other custom code written that used log4j v1 APIs (typically to modify logging configurations), those will need to be rewritten to use the new log4j v2 APIs in order to work for IdentityIQ 8.0. For more information, refer to the section on Converting to the Log4j 2 API in Migrating from Log4j 1.x

NOTE: There is some  support for backward-compatibility with basic log4j v1 APIs, due to the inclusion of the log4j-1.2-api-2.11.2.jar.  But, as mentioned earlier, the apache commons-logging should be used for the basic logging calls.


Additional Resources

For more information on Log4j2, refer to these Apache documents:


For more information on logging in IdentityIQ, see . Although this document is written for the earlier version of log4j, it includes general guidance about logging that is useful regardless of the version of log4j you are using.

Labels (2)

I'd like to suggest an addition to the section, Syntax of

I noticed while trying to migrate my old logger entries into the new format that each dot delimited section of a logger needs explicit declaration.  For instance, if I want to declare a logger like:

I must first declare the 'parents', 'bob' and 'test' like:


The name value (after the seems less important to log4j2 than the explicit declaration of the parent nodes. 


Suggest modifying the section to say:

Notice the differences:

  • the log4j. prefix no longer used
  • 2 lines are required instead of 1
  • the logger identifier value (acmeExample) is not important, other than it is uniquely used to join the two lines together
  • each dot delimited entry between 'logger' and 'name' must be explicitly declared with its own logger entry
Version history
Revision #:
4 of 4
Last update:
‎Feb 23, 2023 12:03 PM
Updated by: