Description
🔹 Question:
I'm working with two separate ASP.NET Core 8 applications:
-
APIGateway
-
IdentityService
Both are deployed on the same Windows Server and hosted in IIS under their own dedicated Application Pools. I have configured Serilog in both applications to log to the same physical file (C:\Logs\Logs.log) with rollingInterval set to Day, and shared: true to allow concurrent access.
Here’s a simplified snippet of the Serilog config used in both apps (appsettings.json):
json
CopyEdit
"Serilog": {
"Enrich": [ "FromLogContext" ],
"WriteTo": [
{
"Name": "File",
"Args": {
"path": "C:\\Logs\\Logs.log",
"rollingInterval": "Day",
"outputTemplate": "[{Timestamp:yyyy-MM-dd HH:mm:ss,fff}] {Message}{NewLine}{Exception}",
"shared": true
}
},
{
"Name": "Console",
"Args": {
"outputTemplate": "[{Timestamp:yyyy-MM-dd HH:mm:ss,fff}] {Message}{NewLine}{Exception}"
}
}
]
}
✅ What works:
-
When both application pools are configured to run as LocalSystem, both apps log correctly to the same file.
-
When only one application runs under a custom identity, that app logs fine.
-
The issue only appears when both apps use separate custom identities.
-
Logging also works when both apps run under the default ApplicationPoolIdentity user.
❌ What doesn’t work:
When both apps use custom application pool identities (e.g., DOMAIN\GatewayUser and DOMAIN\IdentityUser), only one of the two logs to the file. The other silently fails to write any logs — no errors or exceptions are thrown, and Serilog’s SelfLog doesn't report anything obvious either.
🔍 What I've tried:
Ensured both custom user accounts have Modify permissions on the C:\Logs folder and the existing Logs.log file.
Verified file access with icacls to confirm proper NTFS permissions.
Enabled Serilog self-logging using:
csharp
CopyEdit
Serilog.Debugging.SelfLog.Enable(msg => Debug.WriteLine(msg));
Confirmed that each application is using the correct configuration and file path.
Restarted both application pools and ensured they’re not accessing the file simultaneously at startup.
⚙️ Server Environment:
-
Windows Server 2019
-
IIS 10
-
.NET 8
-
Serilog.Sinks.File (v5.0.0)
App pools are Integrated mode, running separately for each app
🤔 My Goal:
I want both applications, running under different app pools, to be able to log to the same file reliably with same identity user.
❓ What I Need Help With:
-
Is this a known file sharing/locking issue with Serilog when using different users?
-
Are there additional permissions or security settings required beyond NTFS Modify access?
-
Is there a recommended approach to configure Serilog or IIS to make this setup work reliably across different identities?