This guide builds that map. We cover ActiveMQ log analysis and diagnostics end-to-end: the log anatomy (how to read any log entry), the 10 critical log signatures for the most common operational events, production log4j2 configuration for Apache ActiveMQ® and Apache Artemis™, audit logging for compliance environments, GC log correlation, and log aggregation integration.
The ActiveMQ Log Format: Anatomy of a Log Entry
Apache ActiveMQ® Log Format
Apache ActiveMQ® produces pipe-separated log entries:
| TIMESTAMP | LEVEL | MESSAGE | LOGGER_CLASS | THREAD_NAME 2026-04-04 02:13:47,215 | WARN | Usage(default:store:queue://orders:store) percentUsage=99%… Stopping producer (ID:app-1:1:1:1) | org.apache.activemq.broker.region.BaseDestination | ActiveMQ Broker |
| Field | Example | What It Tells You |
| Timestamp | 2026-04-04 02:13:47,215 | Correlate with application events, GC pauses |
| Level | WARN | Severity: TRACE < DEBUG < INFO < WARN < ERROR < FATAL |
| Message | Stopping producer… | The event description — the primary diagnostic content |
| Logger class | org.apache.activemq.broker.region.BaseDestination | Which broker component generated the entry |
| Thread name | ActiveMQ Broker | The broker thread — identifies context (IO thread, checkpoint worker, etc.) |
Apache Artemis™ Log Format
Artemis uses space-separated fields and AMQ message codes:
| TIMESTAMP LEVEL [THREAD] LOGGER AMQ_CODE: MESSAGE 2026-04-04 02:15:30,441 WARN [org.apache.activemq.artemis.core.server] AMQ222199: Thread dump: |
The AMQ message codes (AMQ2XXXXX) are numeric identifiers for specific broker events that can be used as search terms in aggregation systems regardless of message text changes across versions.
Log Files Location Reference
| Product | Primary Log | Audit Log | Config File |
| Apache ActiveMQ® 5.17.0+ | data/activemq.log | data/audit.log | conf/log4j2.properties |
| Apache ActiveMQ® 5.16.x | data/activemq.log | data/audit.log | conf/log4j.properties (reload4j) |
| Apache Artemis™ | log/artemis.log | log/audit.log | etc/log4j2.properties |
Production Log4j2 Configuration
The default log4j2 configuration that ships with ActiveMQ is serviceable for development but needs adjustment for production: rolling file size management, appropriate retention, and structured output for log aggregation.
Apache ActiveMQ®: conf/log4j2.properties
| # conf/log4j2.properties — Production configuration for Apache ActiveMQ(r) 5.17.0+ # Hot-reload: check for config changes every 30 seconds (no broker restart needed) monitorInterval = 30 # Root logger: INFO level, writing to rolling file + console rootLogger.level = INFO rootLogger.appenderRef.console.ref = console rootLogger.appenderRef.activemq.ref = activemq # ── Component-level logger overrides ────────────────────────────────────────── # Transport: useful to raise to DEBUG when diagnosing connection issues logger.transport.name = org.apache.activemq.transport logger.transport.level = INFO # KahaDB: raise to DEBUG to trace journal operations during corruption investigation logger.kahadb.name = org.apache.activemq.store.kahadb logger.kahadb.level = INFO # Network of Brokers: raise to DEBUG when diagnosing NoB connectivity logger.network.name = org.apache.activemq.network logger.network.level = INFO # Security: INFO shows authentication events; DEBUG shows all JAAS operations logger.security.name = org.apache.activemq.security logger.security.level = INFO # ── Console appender ────────────────────────────────────────────────────────── appender.console.type = Console appender.console.name = console appender.console.layout.type = PatternLayout appender.console.layout.pattern = %d %-5level [%t] %c{1}:%L %msg%n # ── Rolling file appender: 10 × 50MB = 500MB max log retention ─────────────── appender.activemq.type = RollingFile appender.activemq.name = activemq appender.activemq.fileName = ${sys:activemq.base}/data/activemq.log appender.activemq.filePattern = ${sys:activemq.base}/data/activemq.log.%i appender.activemq.layout.type = PatternLayout appender.activemq.layout.pattern = %d | %-5level | %msg | %logger | %t%n appender.activemq.policies.type = Policies appender.activemq.policies.size.type = SizeBasedTriggeringPolicy appender.activemq.policies.size.size = 50MB appender.activemq.strategy.type = DefaultRolloverStrategy appender.activemq.strategy.max = 10 # ── Audit log: Apache ActiveMQ(r) audit logging via system property ───────────────────── # Enable via: ACTIVEMQ_OPTS=”… -Dorg.apache.activemq.audit=true” # Audit events write to data/audit.log |
Apache Artemis™: etc/log4j2.properties
| # etc/log4j2.properties — Production configuration for ActiveMQ Artemis monitorInterval = 30 rootLogger = INFO, console, artemis # ── Artemis component loggers ───────────────────────────────────────────────── logger.artemis_server.name = org.apache.activemq.artemis.core.server logger.artemis_server.level = INFO logger.journal.name = org.apache.activemq.artemis.journal logger.journal.level = INFO logger.security.name = org.apache.activemq.artemis.core.security logger.security.level = INFO # ── Audit loggers: OFF by default; enable individually for compliance ───────── # audit.base: JMX operations (queue creation, deletion, purge) logger.audit_base.name = org.apache.activemq.audit.base logger.audit_base.level = OFF logger.audit_base.appenderRef.audit_log_file.ref = audit_log_file logger.audit_base.additivity = false # audit.resource: authentication events, queue changes via console or JMX logger.audit_resource.name = org.apache.activemq.audit.resource logger.audit_resource.level = OFF logger.audit_resource.appenderRef.audit_log_file.ref = audit_log_file logger.audit_resource.additivity = false # audit.message: produce/consume/browse operations on each message logger.audit_message.name = org.apache.activemq.audit.message logger.audit_message.level = OFF logger.audit_message.appenderRef.audit_log_file.ref = audit_log_file logger.audit_message.additivity = false # ── Console appender ────────────────────────────────────────────────────────── appender.console.type = Console appender.console.name = console appender.console.layout.type = PatternLayout appender.console.layout.pattern = %d %-5level [%t] %c{1}:%L %msg%n # ── Rolling broker log ──────────────────────────────────────────────────────── appender.artemis.type = RollingFile appender.artemis.name = artemis appender.artemis.fileName = ${sys:artemis.instance}/log/artemis.log appender.artemis.filePattern = ${sys:artemis.instance}/log/artemis.log.%i appender.artemis.layout.type = PatternLayout appender.artemis.layout.pattern = %d %-5level [%c] %msg%n appender.artemis.policies.type = Policies appender.artemis.policies.size.type = SizeBasedTriggeringPolicy appender.artemis.policies.size.size = 50MB appender.artemis.strategy.type = DefaultRolloverStrategy appender.artemis.strategy.max = 10 # ── Separate audit log file ─────────────────────────────────────────────────── appender.audit_log_file.type = RollingFile appender.audit_log_file.name = audit_log_file appender.audit_log_file.fileName = ${sys:artemis.instance}/log/audit.log appender.audit_log_file.filePattern = ${sys:artemis.instance}/log/audit.log.%i appender.audit_log_file.layout.type = PatternLayout appender.audit_log_file.layout.pattern = %d %-5level [%t] %msg%n appender.audit_log_file.policies.type = Policies appender.audit_log_file.policies.size.type = SizeBasedTriggeringPolicy appender.audit_log_file.policies.size.size = 20MB appender.audit_log_file.strategy.type = DefaultRolloverStrategy appender.audit_log_file.strategy.max = 10 |
Hot-reload: the monitorInterval=30 setting causes Log4j2 to re-read the configuration file every 30 seconds. To raise a logger to DEBUG for a targeted troubleshooting session, edit the *.level line, save the file, and wait 30 seconds; no broker restart is required. This is the correct procedure for production troubleshooting with minimal disruption.
10 Critical Log Signatures: The Diagnostic Reference
These are the log entries that matter most for operational diagnosis. Recognizing them immediately without searching through documentation is what separates fast incident response from slow.
Signature 1: Producer Flow Control (PFC) Activated
| INFO | Usage(default:store:queue://orders.process:store) percentUsage=99%, usage=107374182400, limit=107374182400: Persistent store is Full, 100% of 107374182400. Stopping producer (ID:app-server-1:1:1:1) to prevent flooding queue://orders.process. (blocking for: 1800s) |
What it means: A resource limit (store/temp/memory) has been reached. The producer is blocked. The blocking for time tells you how long this has been active. If this is >5 minutes, it is an active incident.
Action: Read the resource type from Usage(default:TYPE:…). Match to the PFC decision matrix in our Producer Flow Control Troubleshooting guide. If blocking for is growing, the resource is not clearing.
Signature 2: Broker Startup Complete
| INFO | Apache ActiveMQ 5.18.3 (localhost, ID:app-server-1-1234567890-0:1) started INFO | For help or more information, please see: http://activemq.apache.org INFO | ActiveMQ WebConsole available at http://0.0.0.0:8161/ INFO | Connector openwire started INFO | Connector amqp started |
What it means: Normal startup complete. Note the broker ID (ID:app-server-1-…). This changes on each restart and is used in PFC log entries to identify which producer is blocked. Confirm all expected connectors appear in the log, a missing Connector mqtt started line means the MQTT transport failed to bind its port.
Signature 3: KahaDB Journal Recovery on Startup
| INFO | KahaDB is version 6 INFO | Recovering from the journal @0:0 INFO | Recovery replayed 45231 operations from the journal in 127.3 seconds. |
What it means: Normal behavior after an unclean shutdown (power loss, OOM kill, SIGKILL). The broker is replaying journal records to rebuild the in-memory state. The time shown is the RTO for this startup event. If this takes longer than expected for your data volume, investigate the KahaDB index cache size (indexCacheSize) and consider whether journal files have grown unexpectedly.
Concerning variant:
| INFO | Detected missing/corrupt journal files. Dropped 3 messages from the index in 0.003 seconds. |
This means some journal records were skipped due to corruption. See our Backup and Disaster Recovery post for the recovery procedure.
Signature 4: OutOfMemoryError – Heap Space
| ERROR | java.lang.OutOfMemoryError: Java heap space | org.apache.activemq.broker.BrokerService | ActiveMQ Broker |
What it means: The JVM heap is exhausted. If the broker configured -XX:+HeapDumpOnOutOfMemoryError, a heap dump file will have been written to the configured path. The broker will likely crash or become unresponsive.
Before the crash look for this warning sequence that often precedes the OOM:
| WARN | Memory usage exceeded threshold: 90% | org.apache.activemq.usage.MemoryUsage | ActiveMQ Broker |
This WARN is the early-warning signal. Configure a log-based alert on this pattern, and you can act before the OOM occurs. We covered the three OOM types and their fixes in our JVM Memory & GC Tuning guide.
Signature 5: Transport Connection Drop / Client Disconnect
| WARN | Transport Connection to: tcp://10.0.1.42:51234 failed: java.net.SocketException: Connection reset | org.apache.activemq.transport.tcp.TcpTransport | ActiveMQ Transport: tcp://… |
What it means: A client connection dropped unexpectedly (not a clean close()). This is normal for transient network events.
Concerning pattern: the same client IP appearing repeatedly in rapid succession indicates a client that is crashing and reconnecting in a loop, or a network path with instability.
Distinct from clean disconnect:
| INFO | Connector openwire Stopped |
A clean connector stop is an INFO, not WARN. A transport failure is always WARN or ERROR.
Signature 6: Inactive Connection Cleanup
| INFO | Inactive for longer than 600000 ms – removing … tcp://10.0.1.55:49102@61616 |
What it means: A TCP connection has been idle for 10 minutes (600,000ms is the default inactivity timeout) and has been cleaned up by the broker. This is normal behavior, the broker automatically removes dead connections to reclaim resources. Seeing this frequently for the same client IP indicates a client that is not keeping its connection alive and may need to configure connection factory heartbeats.
Signature 7: KahaDB Corruption Detected
| INFO | Corrupt journal records found in ‘db-326.log’ between offsets: 19460423-21031378 | org.apache.activemq.store.kahadb.MessageDatabase | main ERROR | Failed to start ActiveMQ JMS Message Broker. Reason: java.io.EOFException | org.apache.activemq.broker.BrokerService | main |
What it means: The KahaDB journal contains corrupt records. The broker may or may not start depending on configuration. The sequence of INFO | Corrupt journal records found followed by ERROR | Failed to start means checkForCorruptJournalFiles=true is working as intended, it detected and stopped rather than silently discarding data.
Signature 8: GC Overhead Limit / OOM GC Overhead
| ERROR | java.io.IOException: Unexpected error occurred: java.lang.OutOfMemoryError: GC overhead limit exceeded |
What it means: The JVM is spending >98% of time on garbage collection but recovering <2% of heap. The heap is permanently saturated. This is distinct from Java heap space OOM, the GC overhead limit indicates the heap is full AND the GC cannot reclaim it, typically because everything in the heap is live (slow consumer message accumulation, memory leak). This is the type that benefits most from enabling checkForCorruptJournalFiles=true + PFC configuration rather than simply increasing the heap.
Signature 9: Network of Brokers / Bridge Connection Loss
| WARN | Failed to create network connection between: this#0 and: tcp://broker2:61616 Error: could not connect. Reason: java.net.ConnectException: Connection refused | org.apache.activemq.network.NetworkConnector | ActiveMQ Network Connector: … |
What it means: A network connector to a remote broker has failed. The NoB bridge is down. Depending on your topology, this may affect message routing across brokers. The WARN will repeat at the reconnect interval, frequent repetition is expected while the remote broker is unavailable.
Signature 10: Apache Artemis™ Critical Analyzer: Thread Unresponsive
| WARN [org.apache.activemq.artemis.core.server] AMQ224081: The component org.apache.activemq.artemis.core.server.impl.ServerConsumerImpl@… is not responsive ERROR [org.apache.activemq.artemis.core.server] AMQ224079: The process for the virtual machine will be killed, as component … is not responsive |
What it means: Apache Artemis™’s built-in Critical Analyzer has detected that a broker component has stopped responding. The broker will generate a thread dump (AMQ222199) and then either kill the JVM (KILL policy) or shut down (SHUTDOWN policy) depending on critical-analyzer-policy in broker.xml. This is a self-protection mechanism against deadlocks and I/O freezes. The thread dump in the log is the primary diagnostic artifact, look for threads in BLOCKED state holding locks needed by other threads.
Critical Log Signatures Reference Table
| Signature | Level | Key String | Meaning | Urgency |
| PFC Activated | INFO | Stopping producer | Resource limit hit | High if blocking for > 5min |
| Broker Started | INFO | Apache ActiveMQ … started | Normal startup | Informational |
| Journal Recovery | INFO | Recovering from the journal | Normal post-crash | Watch recovery time |
| OOM — Heap Space | ERROR | OutOfMemoryError: Java heap space | Heap exhausted | Critical |
| Connection Drop | WARN | Transport Connection to: … failed | Client disconnected | Medium (high if repeated) |
| Inactive Cleanup | INFO | Inactive for longer than 600000 ms | Normal cleanup | Informational |
| KahaDB Corruption | INFO+ERROR | Corrupt journal records found | Journal corrupted | Critical |
| OOM — GC Overhead | ERROR | GC overhead limit exceeded | Heap permanently full | Critical |
| NoB Bridge Down | WARN | Failed to create network connection | Cross-broker path lost | High |
| Critical Analyzer | WARN+ERROR | AMQ224081 / AMQ224079 | Apache Artemis™ component frozen | Critical |
Audit Logging: Compliance and Security Investigation
Audit logging records management operations – queue creation/deletion, purges, authentication events, and message operations to a separate audit.log file. It is disabled by default and must be explicitly enabled.
Apache ActiveMQ® Audit Logging
Enable via system property in bin/env:
| # bin/env — Classic audit logging activation ACTIVEMQ_OPTS=”$ACTIVEMQ_OPTS \ -Dorg.apache.activemq.audit=all” # Values: true (entry events only) | exit (completion events) | all (both) # Logs to: ACTIVEMQ_HOME/data/audit.log Apache ActiveMQ(r) audit log entries: 2026-04-04 14:22:07,225 | INFO | admin requested /admin/createDestination.action [JMSDestination=’orders’ JMSDestinationType=’queue’] from 192.168.1.10 | qtp12205619-39 2026-04-04 14:22:57,553 | INFO | admin called org.apache.activemq.broker.jmx.QueueView.purge[] | RMI TCP Connection(8)-192.168.1.10 |
Each entry captures: username (or “anonymous”), the operation (HTTP endpoint or JMX method name), parameters, and the client IP. This provides a complete management audit trail for compliance purposes.
Apache Artemis™ Audit Logging
Enable in etc/log4j2.properties by changing logger levels from OFF to INFO:
# Enable audit logging for all three audit loggers
logger.audit_base.level = INFO # JMX operations: queue create/delete/purge
logger.audit_resource.level = INFO # Auth: login success/failure, queue changes via console
logger.audit_message.level = INFO # Message ops: produce, consume, browse
Apache Artemis™ audit log entries:
2026-04-04 14:30:00,841 INFO [org.apache.activemq.audit.resource]
User admin@192.168.1.10 is creating a queue on target: orders.main
notification: CREATE_QUEUE
2026-04-04 14:31:15,223 INFO [org.apache.activemq.audit.message]
User svc-consumer@10.0.1.25 is consuming a message from orders.main
with messageID=…
We covered the security implications of audit logging, including which audit events are relevant for HIPAA, PCI-DSS, and SOC 2 compliance requirements in our Security Hardening Guide post. The key point: enabling audit.message on high-throughput queues generates extremely high log volume. For compliance, selectively enable it only on the queues and addresses that contain regulated data.
Are Your ActiveMQ Logs Telling You Everything They Should?
Most ActiveMQ deployments run with a default logging configuration – rolling files too small, no audit log, no GC log correlation, no aggregation. meshIQ’s team reviews logging and observability configurations and can identify gaps that are leaving critical operational signals uncaptured.
Request a Logging ReviewGC Log Correlation: Connecting JVM Events to Broker Behavior
The broker log and the GC log are two independent observability streams that must be analyzed together to diagnose latency incidents. A message delivery gap in the broker log may be caused by either a broker-level resource event (PFC, slow consumer) or a JVM-level GC stop-the-world pause. Without GC log correlation, these two root causes are indistinguishable from the broker log alone.
Scenario: a consumer application reports 500ms message delivery gaps at irregular intervals. The broker log shows no PFC events during those times. The GC log shows:
2026-04-04 02:13:47.110 [5.892s][info][gc] GC(12) Pause Full (G1 Compaction Pause)
2026-04-04 02:13:47.621 [5.892s][info][gc] GC(12) Pause Full (G1 Compaction Pause) 511ms
511ms at exactly the timestamp of the consumer-reported gap. The root cause was a G1GC full GC event, not a broker resource issue. The fix is GC tuning, not broker configuration.
How to correlate:
# Find all GC pause events in GC log with duration > 100ms
grep “Pause Full” /opt/activemq/data/gc.log | awk -F’ms’ ‘$1>100’
# Find all PFC events in broker log
grep “Stopping producer” /opt/activemq/data/activemq.log
# Cross-correlate timestamps (within 1-second window)
# If PFC events and GC events share timestamps → GC caused the resource pressure
# If only GC events match → GC pause is the root cause
The -Xlog:gc*:file=… configuration recommended there produces GC logs whose timestamp format is compatible with the broker log for direct correlation.
Log Aggregation: From Reactive Forensics to Proactive Alerting
Searching log files on individual broker hosts is sufficient for forensics but insufficient for proactive operations. Log aggregation, shipping ActiveMQ logs to a centralized platform (ELK Stack, Loki/Grafana, Splunk, Sumo Logic), transforms logs from reactive incident artifacts into real-time alert sources.
Key Log-Based Alert Patterns
| # Prometheus (via Loki log scraping) — alert on PFC events # Fires as soon as any PFC event appears count_over_time({job=”activemq”} |= “Stopping producer” [5m]) > 0 # Alert on OOM warning (leading indicator before OOM crash) count_over_time({job=”activemq”} |= “Memory usage exceeded threshold” [5m]) > 0 # Alert on KahaDB corruption detection count_over_time({job=”activemq”} |= “Corrupt journal records found” [5m]) > 0 # Alert on repeated connection drops from same IP (possible client crash loop) count_over_time( {job=”activemq”} |= “Transport Connection to:” |= “failed:” [5m] ) > 10 # Alert on Artemis critical analyzer activation count_over_time({job=”activemq”} |= “AMQ224081” [5m]) > 0 |
Configuring Structured Logging for Aggregation
For log aggregation tools, JSON-structured output significantly improves parsing and query performance over the default pipe-separated format. Log4j2 provides a JsonLayout that produces machine-parseable output:
| # JSON layout for log aggregation (replaces PatternLayout in appender config) appender.activemq.layout.type = JsonLayout appender.activemq.layout.complete = false appender.activemq.layout.compact = true appender.activemq.layout.locationInfo = true # Produces: {“instant”:{“epochSecond”:1714795200},”level”:”WARN”,”message”:”…”} |
This output is directly parseable by Filebeat, Logstash, Fluentd, and Promtail (for Loki) without custom pattern configuration. We covered the full Prometheus + Grafana monitoring stack integration, including metric-based alerting that complements log-based alerting in our Monitoring & Alerting Setup post.
Targeted DEBUG Logging: The Right Way to Deep-Dive
When a specific component is behaving unexpectedly, and INFO logs don’t show enough detail, enabling DEBUG for that logger namespace gives deep visibility without drowning the entire log in noise.
| # Targeted DEBUG examples — enable only the relevant namespace # Diagnosing connection drops or transport errors: logger.transport_debug.name = org.apache.activemq.transport logger.transport_debug.level = DEBUG # Tracing KahaDB journal operations during recovery investigation: logger.kahadb_debug.name = org.apache.activemq.store.kahadb logger.kahadb_debug.level = DEBUG # Tracing NoB bridge connection and subscription behavior: logger.network_debug.name = org.apache.activemq.network logger.network_debug.level = DEBUG # Artemis journal I/O tracing: logger.artemis_journal_debug.name = org.apache.activemq.artemis.journal logger.artemis_journal_debug.level = DEBUG # SECURITY WARNING: never enable TRACE on security loggers in shared environments # logger.security_trace.name = org.apache.activemq.security # logger.security_trace.level = TRACE # Would log credentials in some configurations |
With monitorInterval=30 in the production config, these logger-level additions take effect within 30 seconds of saving the file. Revert the level to INFO as soon as the troubleshooting session is complete.
The DEBUG volume warning: DEBUG logging on org.apache.activemq.transport on a high-connection broker (hundreds of clients) will generate multiple log entries per message per connection. On a broker handling 10,000 messages/second, DEBUG at the transport level can produce gigabytes of logs per hour. Always scope DEBUG logging to the narrowest namespace that will reveal the issue.
Log Diagnostics Workflow: The 5-Step Process
When a broker incident is reported, apply this workflow before assuming you know the root cause:
Step 1: Establish the incident timeline
# What changed in the last 30 minutes before the incident was reported?
grep “2026-04-04 0[1-2]:” /opt/activemq/data/activemq.log | tail -100
Step 2: Scan for ERROR and WARN level events in the window
grep -E “ERROR|WARN” /opt/activemq/data/activemq.log | grep “2026-04-04 02:”
Step 3: Check for PFC events
grep “Stopping producer” /opt/activemq/data/activemq.log | tail -20
# Note the ‘blocking for’ duration in the most recent entry
Step 4: Check GC log for stop-the-world pauses in the same window
grep “Pause Full\|Pause Young” /opt/activemq/data/gc.log | grep “2026-04-04 02:”
Step 5: Cross-reference timestamps If Step 3 shows PFC starting at 02:13:47, and Step 4 shows a 511ms GC pause at 02:13:47, the GC pause likely triggered the memory pressure that caused PFC. Fix the GC issue first.
Unified Log + Metric Visibility for Your ActiveMQ Fleet
meshIQ Console correlates broker metrics and log events in a single dashboard, surfacing PFC events, OOM warnings, connection drop rates, and KahaDB recovery sequences alongside queue depth, consumer count, and memory utilization charts. No more switching between log files and metric dashboards during an incident.
See It in ActionThe Log Is the Source of Truth
Every significant ActiveMQ operational event has a log signature. The broker log is not noise, it is a structured record of everything the broker has done and everything it encountered. Knowing the 10 critical signatures, having a production log4j2 configuration that captures rolling history, enabling audit logging for compliance, correlating GC logs with broker events, and shipping logs to an aggregation platform where alerts fire on PFC and OOM patterns – these together give you an operational posture where incidents are discovered from logs before users report them.
Get your ActiveMQ log and observability configuration reviewed by our team → Request a Review
Frequently Asked Questions
Q1: Where are ActiveMQ log files located?
Apache ActiveMQ®: data/activemq.log (broker log) and data/audit.log (if enabled), configured in conf/log4j2.properties (5.17.0+). Apache Artemis™: log/artemis.log and log/audit.log, configured in etc/log4j2.properties.
Q2: How do I enable DEBUG logging in ActiveMQ?
Edit log4j2.properties and add/change the logger level for the target namespace. With monitorInterval=30, the change takes effect within 30 seconds without a restart. Revert to INFO after troubleshooting, DEBUG at transport or store level on a high-throughput broker produces enormous log volume.
Q3: What does ‘Stopping producer to prevent flooding’ mean in ActiveMQ logs?
Producer Flow Control (PFC) has been activated, a resource limit was reached. The log identifies the resource type (store/temp/memory), the destination, the producer ID, and the block duration. See our Producer Flow Control Troubleshooting guide for the complete diagnosis procedure.
Q4: How do I enable audit logging in ActiveMQ?
Apache ActiveMQ®: set -Dorg.apache.activemq.audit=all in ACTIVEMQ_OPTS. Apache Artemis™: change the audit logger levels in etc/log4j2.properties from OFF to INFO. Three independent Artemis audit loggers cover JMX operations, authentication events, and message operations.
Q5: What log level should I use in production ActiveMQ?
INFO is the correct production level. It captures all meaningful operational events without the volume of DEBUG. Configure rolling files with at least 500MB of retention (10 × 50MB files) to preserve enough history for post-incident forensics.