Skip to content

Best Approach to Query All AC Tool Failures in AEM Logs #796

New issue
New issue
Closed
Closed
Best Approach to Query All AC Tool Failures in AEM Logs#796
@wenwang111

Description

@wenwang111
wenwang111
opened on Mar 13, 2025

I’m looking for a simple and reliable query to extract all AC Tool failures from AEM logs. I’ve identified some common error patterns, such as:

  • "biz.netcentric.cq.tools.actool.authorizableinstaller.AuthorizableCreatorException"
  • "Could not create user"
  • "ACL creation failed"
  • "Access control sync failed"
  • "javax.jcr.nodetype.ConstraintViolationException"

However, I want to ensure that my approach captures all potential AC Tool failures without missing anything. For example, in the screenshot I provided, there is a message saying "Success: false". Unfortunately it is not captured in the error log.

Could you provide best practices or a recommended query to effectively extract these failures from AEM Cloud logs?

Example would be:

So far this is what I have for the query to capture all AC tool failures

laAEMCloudErrorLogsCL
| where _startTime >= ago(10h)
| where RawData contains "biz.netcentric.cq.tools.actool.authorizableinstaller.AuthorizableCreatorException"
or RawData contains "Failed to create authorizable"
or RawData contains "Could not create user"
or RawData contains "Could not create group"
or RawData contains "ACL creation failed"
or RawData contains "Access control sync failed"
or RawData contains "Failed to set permissions for user"
or RawData contains "Insufficient permissions to modify ACLs"
or RawData contains "Error synchronizing groups"
or RawData contains "Invalid configuration detected"
or RawData contains "AC Tool configuration error"
or RawData contains "Missing required parameters in AC Tool"
or RawData contains "Could not process yaml files"
or RawData contains "javax.jcr.nodetype.ConstraintViolationException"
or RawData contains "org.apache.jackrabbit.oak.spi.state.ReadyOnlyBuilderException"
| project Environment, ProgramName, Role, RawData, ext_ingest_time

How do I know whether the below error messages can capture it all? What if there are new error messages related AC tool failures, then i would need to update the query again. Is there a simple way to flag the message so I know the error is from ac tool?

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions