Identity Server 3 Trace (Logging)

To enable generation of a trace file for Identity Server 3, insert the following in web.config file. If <system.diagnostics> is not already present in the file, insert the section between the sections <appSettings> and <system.web>. To disable the trace later, it'll suffice to comment out the <add> element.

  <system.diagnostics>
    <trace autoflush="true" indentsize="4">
      <listeners>
        <add name="trace-log" type="System.Diagnostics.TextWriterTraceListener" initializeData="Trace.log" />
      </listeners>
    </trace>
  </system.diagnostics>

The initializeData attribute in the <add> element points to the trace file. When no path is specified, the file is created in the web site folder which may be inappropriate and can be a security risk.

Consider a better place to store the log and be aware that the application pool identity (service account) must have write access to this folder (which it may not have to the web site folder).

From Link 2.12 It's possible to control the log-level by setting an app-setting key: identityServerLogLevel

<add key="identityServerLogLevel" value="Debug"/>

The following values are available:
Verbose, Debug, Information, Warning, Error and Fatal
Default is Warning

More information about logging

• https://identityserver.github.io/Documentation/docsv2/configuration/logging.html
• https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/SelfHost%20SeqEvents
• https://developers.de/blogs/armin_kalajdzija/archive/2016/09/23/how-to-audit-login-activity-in-identityserver3.aspx