Chapter 6. Auditing and troubleshooting 231
The pdweb.snoop component traces HTTP traffic. This component logs the
HTTP headers and the message body for requests and responses. The
pdweb.snoop component has the following subcomponents:
pdweb.snoop.client The trace subcomponent to trace data that is sent
between WebSEAL and clients.
pdweb.snoop.jct The trace subcomponent to trace data that is sent
between WebSEAL and junctions.
If you want to trace only the message headers, use the pdweb.debug
The following command invokes the trace utility for the pdweb.snoop component
at level 9 and directs the output to a file:
pdadmin> server task webseald-instance trace set pdweb.snoop 9 \
6.3.6 Diagnostic utilities
Many of the commands, tools, scripts, and daemons associated with Tivoli
Access Manager are installed under the installation directory in the /bin and /sbin
subdirectories. The one exception is the Tivoli XML Log Viewer. This viewer is
installed separately and, by default, resides in its own directory.
Tivoli XML Log Viewer
The C-based components of Tivoli Access Manager support the generation of
message and trace information in a common XML format. This format is known
as the Tivoli XML log format and is used by a number of Tivoli applications.
A Java-based log viewer application is provided that allows these messages and
traces to be filtered in a number of ways, including by time window, severity,
thread ID, and component. Information that is produced by different products can
be analyzed and converted into ASCII or HTML that use the Tivoli XML Log
This log viewer is not installed as part of any Tivoli Access Manager installation.
You must explicitly install the Tivoli XML Log Viewer. Because the InstallShield
MultiPlatform installation program and the Tivoli XML Log Viewer are both Java
applications, a JRE must be installed prior to installing and using the viewer. The
Note: Java-language-based Tivoli Access Manager components and
applications cannot produce messages or traces in the Tivoli XML log format.