Introduction
This article will describe the ways you can enable extensive trace logging for the vSEC:CMS. This can be helpful when troubleshooting issues encountered in your environment when using the vSEC:CMS product suite.
As there are several different components used in the vSEC:CMS there are several areas where trace logging can be enabled. This article will describe all of the different components where trace logging can be enabled.
Trace Logging for Admin and Agent Console
If an Operator is experiencing issues when using the vSEC:CMS Admin or Agent application console it may be necessary to enable trace logging in order for Versasec Support engineers to determine root cause.
There are 3 ways that can be used in order to generate trace logging.
Method 1 - Using PowerShell Script
From version 6.8 a PowerShell script is included that can be run to automatically enable trace logging for these applications. From the client host where you wish to enable logging, open PowerShell with Administrator rights and change to the location where vSEC:CMS is installed. You should see a folder named Enable_TraceLog. Go into this folder and run the script '.\Trace Logging for vSECCMS Console Logs - HKCU .ps1'.
You will be prompted to enable/disable the logging. Select 1 which will result in a folder named vSEC-trace being created on the root of the c:\ drive into which the logging file will be written.
Once you complete your investigations it is recommended to disable logging. Again run the script and select option 2 to disable the logging.
Method 2 - Via Registry
Using this method is the preferred mechanism.
1. Create a folder named vSEC-trace on the root of c:\ drive on the client.
2. Open up regedit.
3. In the location [HKEY_CURRENT_USER\Software\Versatile Security\vSEC_CMS_T] set the following registry entries:
Name: log.level of type DWORD and value (hex) 5
Name: log.Enable of type DWORD and value (hex) 1
Name: log.FileName of type STRING and value
c:\vSEC-trace\vSEC_console_trace_#p#.txt
Name: log.maxsize of type DWORD and value (hex) 64000000
Name: log.minsize of type DWORD and value (hex) 20000000
Name: log.archive of type DWORD and value (hex) 1
4. Start the Admin or Agent console and recreate the issue that you may be experiencing and you should see a trace file created in c:\vSEC-trace
5. Provide the trace file to your Versasec support engineer for further analysis.
When the issue is resolved it is recommended that you disable the trace logging in registry. You can do this by setting the registry entry log.Enable to 0.
Method 3 - Via Admin or Agent Application
It is possible to create trace logging directly from the Admin or Agent application session.
1. From Help - Diagnostic click the Start trace button and click Close.
2. Recreate the issue that you may be experiencing.
3. When complete with recreating the issue go back to Help - Diagnostic and click the Stop trace button.
4. Click the Save button and save the trace to a file.
5. Provide the trace file to your Versasec support engineer for further analysis.
Trace Logging for vSEC:CMS Service
If issues are occurring with your vSEC:CMS system it may be necessary to enable trace logging on the vSEC:CMS service. The vSEC:CMS service is running on the server where the vSEC:CMS is installed and is named vSEC:CMS Service. There are 2 ways that service logs can be captured.
Method 1 - Using PowerShell Script
From version 6.8 a PowerShell script is included that can be run to automatically enable trace logging for the service. From the client host where you wish to enable logging, open PowerShell with Administrator rights and change to the location where vSEC:CMS is installed. You should see a folder named Enable_TraceLog. Go into this folder and run the script '.\Trace Logging for vSECCMS Service Logs 64-bits- HKLM .ps1' if you are running the 64-bit version or '.\Trace Logging for vSECCMS Service Logs 32-bits- HKLM .ps1' if you are running 32-bit version.
You will be prompted to enable/disable the logging. Select 1 which will result in a folder named vSEC-trace being created on the root of the c:\ drive into which the logging file will be written.
Once you complete your investigations it is recommended to disable logging. Again run the script and select option 2 to disable the logging.
Method 2 - Via Registry
1. Create a folder named vSEC-trace on the root of c:\ drive.
2. Open up regedit.
3. Depending on whether you are running the 32 or 64-bit version of vSEC:CMS, navigate to the location [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Versatile Security\VSEC_CMS_T\Service] for 32-bit or [HKEY_LOCAL_MACHINE\Software\Versatile Security\VSEC_CMS_T\Service] for 64-bit and set the following registry entries:
Name: log.level of type DWORD and value (hex) 5
Name: log.Enable of type DWORD and value (hex) 1
Name: log.FileName of type STRING and value
c:\vSEC-trace\vSEC_service_trace_#p#.txt
Name: log.maxsize of type DWORD and value (hex) 64000000
Name: log.minsize of type DWORD and value (hex) 20000000
Name: log.archive of type DWORD and value (hex) 1
4. Recreate the issue. You should see a trace file in the location
c:\vSEC-trace
5. Provide the trace file to your Versasec support engineer for further analysis.
When the issue is resolved it is recommended that you disable the trace logging in registry. You can do this by setting the registry entry log.Enable to 0.
Trace Logging for vSEC:CMS User
If issues are occurring on a client machine that is using the vSEC:CMS User application it may be necessary to enable trace logging in order to be able to determine root cause.
There are 3 ways that can be used in order to generate trace logging for this application.
Method 1 - Using PowerShell Script
From version 6.8 a PowerShell script is included that can be run to automatically enable trace logging for this application. From the client host where you wish to enable logging, open PowerShell with Administrator rights and change to the location where vSEC:CMS is installed. You should see a folder named Enable_TraceLog. Go into this folder and run the script '.\Trace Logging for vSECCMS User Self Service - HKCU - New.ps1'.
You will be prompted to enable/disable the logging. Select 1 which will result in a folder named vSEC-trace being created on the root of the c:\ drive into which the logging file will be written.
Once you complete your investigations it is recommended to disable logging. Again run the script and select option 2 to disable the logging.
Method 2 - Via Registry
1. Create a folder named vSEC-trace on the root of c:\ drive on the client where the application is running.
2. Open up regedit on the client where the application is running.
3. In the location [HKEY_CURRENT_USER\SOFTWARE\Versatile Security\vSEC_CMS_T\USS] set the following registry entries:
Name: log.level of type DWORD and value (hex) 5
Name: log.Enable of type DWORD and value (hex) 1
Name: log.FileName of type STRING and value
c:\vSEC-trace\USS_vSEC_trace_logging_#p#.txt
Name: log.maxsize of type DWORD and value (hex) 64000000
Name: log.minsize of type DWORD and value (hex) 20000000
Name: log.archive of type DWORD and value (hex) 1
4. Start the application and recreate the issue that you may be experiencing and you should see a trace file created in c:\vSEC-trace
5. Provide the trace file to your Versasec support engineer for further analysis.
When the issue is resolved it is recommended that you disable the trace logging in registry. You can do this by setting the registry entry log.Enable to 0.
Method 3 - Via Application Console
It is possible to create trace logging directly from the application console session.
1. From Help - Diagnostic click the Start trace button and click Close.
2. Recreate the issue that you may be experiencing.
3. When complete with recreating the issue go back to Help - Diagnostic and click the Stop trace button.
4. Click the Save button and save the trace to a file.
5. Provide the trace file to your Versasec support engineer for further analysis.
Comments
0 comments
Please sign in to leave a comment.