PratikPatel-Mtech
commented
3 weeks ago @brockallen @josephdecock Could you please review this and provide a solution?
Closed kishan-vachhani closed 1 week ago
PratikPatel-Mtech
commented
3 weeks ago @brockallen @josephdecock Could you please review this and provide a solution?
josephdecock
commented
3 weeks ago We don't currently support changing the log level of our log messages. My recommendation is to configure your alerting to not trip when errors are logged from the Duende.IdentityServer.Validation namespace.
The best source of truth for all possible error messages is our source code.
For a long time, we've been considering how best to improve logging in IdentityServer. We've also been on a journey over the past several releases to add better observability, in the form of OTel traces and metrics. Making our logging and auditing work well with OTel is the next step - something that we're hoping for a in a future major release of IdentityServer (https://github.com/DuendeSoftware/IdentityServer/issues/36).
RolandGuijt
commented
1 week ago @PratikPatel-Mtech Does Joe's comment answer your question? If so I would like to close the issue. If not feel free to add a comment.
PratikPatel-Mtech
commented
1 week ago @josephdecock @RolandGuijt Yes, that resolves our problem for now.
Which version of Duende IdentityServer are you using? 7.0.4
Which version of .NET are you using? 8.0
Question
Can we change the logging level from error to warning for Identity server validation errors like the one below in our integration by help of any configurations?
If not, is there a document listing all possible validation error patterns?
Additional context
We are currently having difficulty monitoring and analyzing actionable errors after running security test suites. These validation errors often trigger alert policies due to being logged at the error level. They are also included in our current error reporting matrix, requiring manual omission.
To address this, we are exploring ways to log these validation errors without using the error level. This approach will ensure the logs are still available if needed but will not affect our existing error monitoring and alerting mechanisms.