- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Setup Samples
- Storing Robot Credentials in CyberArk
- Setting up Attended Robots
- Setting up Unattended Robots
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- SmartCard Authentication
- Audit
- Resource Catalog Service
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
- Orchestrator Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- Organization administration
- Troubleshooting
Orchestrator Logs
These are diagnostic logs generated by UiPath Orchestrator regarding its behavior.
UiPath.Orchestrator.dll.config
file, under the <nlog>
tag.
UiPath.Orchestrator.dll.config
file:
<target xsi:type="EventLog" name="eventLog" layout="${message}" source="Orchestrator" log="Application" />
<logger name="*" minlevel="Info" writeTo="eventLog" />
Logs generated by the Jobs Scheduler have a separate target and logger:
<target xsi:type="EventLog" name="eventLogQuartz" layout="[Quartz] ${message} ${onexception: ${exception:format=tostring}}"
source="Orchestrator" log="Application" />
<logger name="Orchestrator.Quartz.*" minlevel="Info" writeTo="eventLogQuartz" />
Example:
Could not create Quartz Job
Logs generated by business and other validation rules have a separate target and logger:
<target xsi:type="EventLog" name="businessExceptionEventLog" layout="${message}${onexception:${exception:format=tostring:maxInnerExceptionLevel=5:innerFormat=tostring}}"
source="Orchestrator.BusinessException" log="Application" />
<logger name="BusinessException.*" minlevel="Info" writeTo="businessExceptionEventLog" final="true" />
These types of error messages are logged in the Event Viewer in the following cases:
-
validation issues such as:
Invalid username/email address or password.
The machine name DOC is already taken
-
business conflicts such as:
License expired!
The floating robot's session is already active on machine ROQADOCS06!
The robots already have pending jobs for this Process.
-
not found exceptions such as:
QueueName1 does not exist.
<nlog>
section from the UiPath.Orchestrator.dll.config
file.
By default, all Robot logs are sent to the Logs table of the Default Orchestrator Database, where UiPath Orchestrator stores other information as well.
target xsi:type="Database" connectionString="..."
section of the
UiPath.Orchestrator.dll.config
file.
The Logs page displays information from the Logs table of the Default Database. So, if this section does not exist, or the logs are saved to a different database, the page is empty. All parameters should be according to the table schema, which looks like this:
<target xsi:type="Database" name="database" connectionString="${ui-connection-strings:item=Default}" keepConnection="true">
<commandText>
insert into dbo.Logs (OrganizationUnitId, TenantId, TimeStamp, Level, WindowsIdentity, ProcessName, JobKey, Message, RawMessage)
values (@organizationUnitId, @tenantId, @timeStamp, @level, @windowsIdentity, @processName, @jobId, @message, @rawMessage)
</commandText>
<parameter name="@organizationUnitId" layout="${event-properties:item=organizationUnitId}" />
<parameter name="@tenantId" layout="${event-properties:item=tenantId}" />
<parameter name="@timeStamp" layout="${date}" />
<parameter name="@level" layout="${event-properties:item=levelOrdinal}" />
<parameter name="@windowsIdentity" layout="${event-properties:item=windowsIdentity}" />
<parameter name="@processName" layout="${event-properties:item=processName}" />
<parameter name="@jobId" layout="${event-properties:item=jobId}" />
<parameter name="@message" layout="${message}" />
<parameter name="@rawMessage" layout="${event-properties:item=rawMessage}" />
</target>
<logger name="Robot.*" writeTo="database" final="true" />
<target xsi:type="Database" name="database" connectionString="${ui-connection-strings:item=Default}" keepConnection="true">
<commandText>
insert into dbo.Logs (OrganizationUnitId, TenantId, TimeStamp, Level, WindowsIdentity, ProcessName, JobKey, Message, RawMessage)
values (@organizationUnitId, @tenantId, @timeStamp, @level, @windowsIdentity, @processName, @jobId, @message, @rawMessage)
</commandText>
<parameter name="@organizationUnitId" layout="${event-properties:item=organizationUnitId}" />
<parameter name="@tenantId" layout="${event-properties:item=tenantId}" />
<parameter name="@timeStamp" layout="${date}" />
<parameter name="@level" layout="${event-properties:item=levelOrdinal}" />
<parameter name="@windowsIdentity" layout="${event-properties:item=windowsIdentity}" />
<parameter name="@processName" layout="${event-properties:item=processName}" />
<parameter name="@jobId" layout="${event-properties:item=jobId}" />
<parameter name="@message" layout="${message}" />
<parameter name="@rawMessage" layout="${event-properties:item=rawMessage}" />
</target>
<logger name="Robot.*" writeTo="database" final="true" />
UiPath.Orchestrator.dll.config
file. A list of available targets can be found here.
CREATE NONCLUSTERED INDEX [IX_Search] ON [dbo].[Logs]
(
[TenantId] ASC,
[OrganizationUnitId] ASC,
[Level] ASC,
[TimeStamp] DESC
)WITH (STATISTICS_NORECOMPUTE = OFF, DROP_EXISTING = OFF, ONLINE = OFF, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
GO
CREATE NONCLUSTERED INDEX [IX_Search] ON [dbo].[Logs]
(
[TenantId] ASC,
[OrganizationUnitId] ASC,
[Level] ASC,
[TimeStamp] DESC
)WITH (STATISTICS_NORECOMPUTE = OFF, DROP_EXISTING = OFF, ONLINE = OFF, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
GO
<nlog>
section.
For Elasticsearch versions lower than 8.0:
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000">
<target xsi:type="ElasticSearch" name="robotElastic" uri="uritoelasticsearchnode" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="logEvent" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,organizationId,indexName" />
</target>
</target>
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000">
<target xsi:type="ElasticSearch" name="robotElastic" uri="uritoelasticsearchnode" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="logEvent" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,organizationId,indexName" />
</target>
</target>
For Elasticsearch versions 8.0 and higher:
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000">
<target xsi:type="ElasticSearch" name="robotElastic" uri="uritoelasticsearchnode" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,organizationId,indexName" />
</target>
</target>
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000">
<target xsi:type="ElasticSearch" name="robotElastic" uri="uritoelasticsearchnode" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,organizationId,indexName" />
</target>
</target>
In order for Elasticsearch versions 8.0 and higher to work properly, these parameters are set as follows:
documentType
is empty.enableApiVersioningHeader
is set totrue
.
Elasticsearch versions previous to 7.16.3
disableProductCheckStatus
parameter to true
in the Nlog target (<target xsi:type="ElasticSearch"
).
false
.
Username-and-password Authentication
To enable authentication via a username and password, you need to take the following steps:
- Option 1: If you do not use an NLog target, you need to configure the following parameters:
Logs.Elasticsearch.Username
andLogs.Elasticsearch.Password
. Make sure their values match the Elasticsearch settings from Step 1. -
Option 2: If
Logs.RobotLogs.ReadTarget
is set to an NLog target (for example,robotElasticBuffer
), and theLogs.Elasticsearch.Nodes
setting is not specified, configure the target by adding the following:requireAuth="true" username="XPACKuser" password="p@$$w0rd"
. Make sure these parameter values match the Elasticsearch settings from Step 1.For a configuration example, see the following:
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000"> <target xsi:type="ElasticSearch" name="robotElastic" uri="" requireAuth="true" username="XPACKusername" password="p@$$w0rd" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="logEvent" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,indexName" /> </target>
<target name="robotElasticBuffer" xsi:type="BufferingWrapper" flushTimeout="5000"> <target xsi:type="ElasticSearch" name="robotElastic" uri="" requireAuth="true" username="XPACKusername" password="p@$$w0rd" index="${event-properties:item=indexName}-${date:format=yyyy.MM}" documentType="logEvent" includeAllProperties="true" layout="${message}" excludedProperties="agentSessionId,tenantId,indexName" /> </target> - Option 3: If
Logs.RobotLogs.ReadTarget
is set to an NLog target ( for example,robotElasticBuffer
), and an Elasticsearch node is specified via theLogs.Elasticsearch.Nodes
setting, you need to explicitly configure it (as it overrides the NLog target settings), and make sure to also add the following:requireAuth="true" username="XPACKuser" password="p@$$w0rd"
. Make sure these parameter values match the Elasticsearch settings from Step 1.
OAuth2 Authentication
To switch to OAuth2 as an authentication method for Elasticsearch, you need to take the following steps. Note that you need to provide your current credentials to switch to this token-based authentication method.
API key authentication
API key expiration
By default, API keys do not expire, but you can still choose to set an expiration date for them.
If your API key is set to expire, you must generate a new and store it in the key vault before the expiration date, so as to make sure that Orchestrator can always retrieve a valid key.
Orchestrator reads API keys from the key vault every 15 minutes, so this is the maximum amount of delay you can expect before your new key is propagated.