Troubleshooting

SUSE Observability Self-hosted

When authentication or authorization fails it usually is due to a mismatch in the configuration of the provider and SUSE Observability. To make troubleshooting easier it is possible to enable debug logging on SUSE Observability for authentication and authorization specifically.

Disable the debug logging again as soon as your are done with troubleshooting, because it is very likely debug logging contains secrets and/or personal information.

To enable debug logging copy/paste the following yaml snippet into a debug-auth.yaml file.

stackstate:
  components:
    server:
      additionalLogging: |
        logger("org.pac4j.core.engine", DEBUG)
        logger("org.pac4j.oidc.profile.creator", DEBUG)
        logger("org.pac4j.oidc.credentials.authenticator", DEBUG)
    api:
      additionalLogging: |
        logger("org.pac4j.core.engine", DEBUG)
        logger("org.pac4j.oidc.profile.creator", DEBUG)
        logger("org.pac4j.oidc.credentials.authenticator", DEBUG)

Now run the helm upgrade command you used before but include this one extra yaml file (so helm upgrade .... --values debug-auth.yaml) to enable debug logging. No pods will be restarting, the logging configuration changes will be loaded automatically after about 30 seconds.

To disable the debug logging run the helm upgrade .... command again but omit the --values debug-auth.yaml. After 30 seconds the updated logging configuration is loaded and the debug logging stops.

PreviousService tokens NextRBAC

Last updated 3 hours ago