Maintenance - Log Locations for Debugging

This section provides information and guidance that can help you maintain and debug your system. Log locations are documented here and include logs generated for your entire experience with the Application Control for Linux system, from initial installation to deploying policies in production.

Windows Server

Installation

The installation of the AC for Linux Master Installer is logged in "C:\ProgramData\Ivanti\ACServer\"

Resulting files will be named in the following format: "master_20211028113915.txt",
Where "20211028113915" is the installation time-stamp.

The AC for Linux sub-installer for the AC & AF Servers is also logged in "C:\ProgramData\Ivanti\ACServer\"

Resulting files will be named in the following format: "master_20211028113915_002_AFServerHostSetup.msi.txt"

Where "20211028113915" is the installation timestamp and the "002" is the current rotation number.

Utilization

Application Control for Linux communication via the AF Server is actively logged :

Runtime logging information detailing execution of the AF Server instance is saved to: "C:\ProgramData\Ivanti\ACServer"

Linux Endpoints

AC Agent Logs

Location

Current log files are located here: "/opt/ivanti/ac/logs/".

Rotation

Older log files are rotated here: "/opt/ivanti/ac/logs/old".

Older log files are moved to this location and new versions are generated in the main one. Versioning adds an “<underscore_number>” to the log file name.

Log Files

acengd_0.log

Purpose
Agent-Engine supervisory log, detailing the management of the Engine by the Agent.

Example
In connection error scenarios, when the Engine doesn't appear to receive any data, the Agent will be aware of and report the issues.

stagentctl_0.log

Purpose
Agent registration and control log, detailing the registration of the Agent with the Windows Backend, including secured communication status.

Example
During registration, SSL_HANDSHAKE error scenarios can appear, and they be reported here.

stagentd_0.log

Purpose
Agent daemon main log, detailing the secured communication events between the Linux Endpoint and the Windows Backend.

Example
At runtime, any communication errors will be reported here (the Agent handles and secures all communication between the AC Engine and the Windows Backend).

stagentlistener_0.log

Purpose
Agent daemon listener log, detailing the status of commands and package exchanges via all communication channels (HTTPS, MQTT).

stagentupdater_0.log

Purpose
Agent daemon updater log, detailing the status of updates and configuration arrivals from the Windows Backend infrastructure.

stmqttservice_0.log

Purpose
Agent MQTT communication log, detailing all the communication via MQTT between the Linux Endpoint and the Windows Backend.

sttelemetryreporter_0.log

Purpose
Agent daemon telemetry log, providing detailed telemetry for all the operations executed by the agent.

Example
At runtime, this is the best starting point for debugging all types of business logic and communication error scenarios.

AC Engine Logs

Location

Current log files are located here: "/opt/ivanti/ac/engines/ivanti-ac-engine-<distro_name>/logs/".
Logs are located per your running distribution, so <distro_name> can be: "centos-8", or "oracle-8", or "redhat-8", quotes excluded.

Rotation

Older log files are rotated here: "/opt/ivanti/ac/engines/ivanti-ac-engine-<distro_name>/logs/old".

Logs are also rotated per your running distribution, so <distro_name> can be: "centos-8", or "oracle-8", or "redhat-8", quotes excluded.

Older log files are archived and moved to this location and new files are generated in the main one. Rotation changes the file name as follows: “<log_file_name><underscore_number ><.log.gzip>”.

Log Files

acengd.log

Purpose
Engine general log, detailing all the telemetry and debug-mode information for the engine at runtime, with maximum verbosity.

Example
Any engine business logic event (such as local allowlist caching and decision engine policy handling scenarios), can be inspected and debugged with the help of this log file.

AC Server Console Debug

Console debug back-end log information is now stored locally as well as in the database and the console view.

The local disk log can be found here:

C:\ProgramData\Ivanti\ACServer and the log name format is: ACServerLogxxxxx.txt

Modify the appropriate file, C:\Program Files\Ivanti\ACServer\AC Server\appsettings.json, for verbosity of the log here:

{

"Serilog": {

"Using": [

"Serilog.Sinks.Console",

"Serilog.Sinks.File"

],

"MinimumLevel": "Debug", <--- modify this

"WriteTo": [

  • From low to high, these are: Verbose, Debug, Information, Warning, Error, Fatal.

The database table that stores the header of the info in this local log is: dbo.Logs

The console view of this log can be found here: Advanced Settings tab > Server Logs

Be advised that after 1500000 entries in this viewer, loading times of the page might increase up to 15 minutes

Related Topics:

Configuration

Administration

Applying Rule Sets

Installation (opens UWM Help)