To be able to view detailed connection information, download the logs from the Trend Vision One console. Follow these steps:
- Generate the Forward Proxy logs from Trend Vision One console.
- Log in to Trend Vision One and switch to Service Gateway Management.
- Choose your Service Gateway appliance. Click it to go to the details page then click Support.
- Choose the time range and forward proxy service to collect log.
Note that for this statistics, only forward proxy service is supported.
- Click Generate Log File and wait for the logs upload to notification center.
- Log in to Trend Vision One and switch to Service Gateway Management.
- Download and then extract the logs package with "trend" and parse the logs:
- Extract package.
- Check Access.log file.
Note that the logs use GMT+0 time.
- According to the log format to read the access log and check the agent connected with service gateway details.
1. Local time. Optional strftime format argument default %d/%b/%Y:%H:%M:%S %z 2. Seconds since epoch 3. Response time (milliseconds) 4. Client source IP address 5. request status (TCP_MISS/TCP_TUNNEL etc) 6. HTTP status code sent to the client (notes: if it is not 200, the connection is failure, should check network/firewall and so on) 7. Total size of request received from client. Excluding chunked encoding bytes. 8. Total size of reply sent to client (after adaptation) 9. client guid, product name; client host name 10. hierarchy status ( upsteam) 11. Server FQDN or peer name 12. MIME content type 13. User-Agent 14. HTTP status code received from the next hop
- For the above example, 10.206.139.224 is the agent IP. You can check the agent details connected with this Service Gateway Virtual Appliance.
- Extract package.