What kind of event levels are used in XTAM logging output
The levels Info and Error are used by XTAM to communicate information about all events: successful (for level Info) or unsuccessful (for level Error). The majority of the messages of Info and Error levels come from the Audit Log report at the same time when they appear to the audit log itself. However, the application communicates some internal states also, such as installing session or key recording for sessions, details of servers startup, etc as Info messages and all internal system errors (these should not happen but sometimes occur) as Error messages.
Additionally, XTAM uses Debug and Trace levels for internal debugging purposes. Sometimes to investigate certain situations with customer deployments, our Support team may ask the customer to enable a higher level debug for troubleshooting purposes. Some of the application components, especially those related to integration (i.e. LDAP, PowerShell or SSH scripts executing) generate a lot of debug and especially trace messages when enabled. We do not anticipate users to actually use Trace and Debug message for reasons other than troubleshooting purposes as they do not carry useful business level information.
For logging, XTAM uses the industry standard Log4j logging mechanism for processing and filtering of its log messages. This log configuration is located in the file $XTAM_HOME/web/conf/log4j.pam.properties, which in turn controls the filtering for log levels for the entire application as well as for individual components. This file also controls the destination syslog traffic with its own filtering.