Maintenance - Log Locations for Debugging
This section provides information and guidance that can help you maintain and debug your system. Log locations are documented here and include logs generated for your entire experience with the Application Control for Linux system, from initial installation to deploying policies in production.
•The installation of the AC for Linux Master Installer is logged in "C:\ProgramData\Ivanti\ACServer\"
• Resulting files will be named in the following format: "master_20211028113915.txt",
Where "20211028113915" is the installation time-stamp.
•The AC for Linux sub-installer for the AC & AF Servers is also logged in "C:\ProgramData\Ivanti\ACServer\"
•Resulting files will be named in the following format: "master_20211028113915_002_AFServerHostSetup.msi.txt"
•Where "20211028113915" is the installation timestamp and the "002" is the current rotation number.
Application Control for Linux communication via the AF Server is actively logged :
•Runtime logging information detailing execution of the AF Server instance is saved to: "C:\ProgramData\Ivanti\ACServer"
AC Agent Logs
Current log files are located here: "/opt/ivanti/ac/logs/".
Older log files are rotated here: "/opt/ivanti/ac/logs/old".
Older log files are moved to this location and new versions are generated in the main one. Versioning adds an “<underscore_number>” to the log file name.
Agent-Engine supervisory log, detailing the management of the Engine by the Agent.
In connection error scenarios, when the Engine doesn't appear to receive any data, the Agent will be aware of and report the issues.
Agent registration and control log, detailing the registration of the Agent with the Windows Backend, including secured communication status.
During registration, SSL_HANDSHAKE error scenarios can appear, and they be reported here.
Agent daemon main log, detailing the secured communication events between the Linux Endpoint and the Windows Backend.
At runtime, any communication errors will be reported here (the Agent handles and secures all communication between the AC Engine and the Windows Backend).
Agent daemon listener log, detailing the status of commands and package exchanges via all communication channels (HTTPS, MQTT).
Agent daemon updater log, detailing the status of updates and configuration arrivals from the Windows Backend infrastructure.
Agent MQTT communication log, detailing all the communication via MQTT between the Linux Endpoint and the Windows Backend.
Agent daemon telemetry log, providing detailed telemetry for all the operations executed by the agent.
At runtime, this is the best starting point for debugging all types of business logic and communication error scenarios.
AC Engine Logs
Current log files are located here: "/opt/ivanti/ac/engines/ivanti-ac-engine-<distro_name>/logs/".
Logs are located per your running distribution, so <distro_name> can be: "centos-8", or "oracle-8", or "redhat-8", quotes excluded.
Older log files are rotated here: "/opt/ivanti/ac/engines/ivanti-ac-engine-<distro_name>/logs/old".
Logs are also rotated per your running distribution, so <distro_name> can be: "centos-8", or "oracle-8", or "redhat-8", quotes excluded.
Older log files are archived and moved to this location and new files are generated in the main one. Rotation changes the file name as follows: “<log_file_name><underscore_number ><.log.gzip>”.
Engine general log, detailing all the telemetry and debug-mode information for the engine at runtime, with maximum verbosity.
Any engine business logic event (such as local allowlist caching and decision engine policy handling scenarios), can be inspected and debugged with the help of this log file.
AC Server Console Debug
Console debug back-end log information is now stored locally as well as in the database and the console view.
The local disk log can be found here:
C:\ProgramData\Ivanti\ACServer and the log name format is: ACServerLogxxxxx.txt
Modify the appropriate file, C:\Program Files\Ivanti\ACServer\AC Server\appsettings.json, for verbosity of the log here:
"MinimumLevel": "Debug", <--- modify this
From low to high, these are: Verbose, Debug, Information, Warning, Error, Fatal.
The database table that stores the header of the info in this local log is: dbo.Logs
The console view of this log can be found here: Advanced Settings tab > Server Logs
Be advised that after 1500000 entries in this viewer, loading times of the page might increase up to 15 minutes
Installation (opens UWM Help)