When full logging is enabled, the Security Server stores the message body in the message log database. More information about different logging options is available here.
SOAP Messages in the Message Log Database
For SOAP messages, the message body is stored in the message column when database encryption is disabled. When database encryption is enabled, the encrypted message body is stored in the ciphermessage column.
Plain text message log entries can be queried by message id using this SQL query:
messagelog=# select id,message,response from logrecord where xrequestid = '<REQUEST_ID>';
REST Messages in the Message Log Database
For REST messages, the REST request data (HTTP method, request path, HTTP headers) is stored in the message column when database encryption is disabled. When database encryption is enabled, the encrypted REST request data is stored in the ciphermessage column. Instead, the REST message body is always stored in the attachment column as a large binary object.
Plain text REST request data can be queried by message id using this SQL query:
messagelog=# select id,message,response,attachment from logrecord where xrequestid = '<REQUEST_ID>';
Instead, the REST message body can be queried using the attachment id returned by the previous query:
messagelog=# SELECT lo_export(attachment, '/tmp/record.txt') FROM logrecord WHERE attachment = <ATTACHMENT_ID>;
The above query stores the REST message body in the /tmp/record.txt file.
Message Log Archive Files
Message log archive files can be downloaded using the signed document download service and verified using the signed document verification tool. The verification tool supports extracting the signed files from archives and storing them separately on disk. When a signed file is extracted, contents of the message log database message column are written to the message.xml file. For SOAP message, the file includes the message body. Instead, for REST messages, the file includes the REST request data (HTTP method, request path, HTTP headers).