To enable detailed logging:
- Create a file named ds_agent.ini under the %SystemRoot% directory (example: C:\Windows\ds_agent.ini).
-
Put the following line inside the file:
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
- Restart the Trend Micro Deep Security Agent service.
To view and save the log, use the DebugView utility:
- Download the DebugView utility.
- Run the DbgView.exe tool as administrator and enable the options below:
- Capture the following:
- Capture Win32
- Capture Kernel
- Pass-Through
Capture Events
- Configure the following:
- Win32 PIDs
- Force Carriage Returns
- Clock Time
Show Milliseconds
- Capture the following:
- Replicate the issue.
- Save an output of the log file.
You can also save the log automatically by pressing CTRL + G or by clicking the Log to File icon. Locate a directory where you want to save the log, then click OK.
- Close the DbgView window.
Enabling detailed logging of the Agent will generate more details on the diagnostic package. Thus, it will generate larger and more files that may consume disk space.
Make sure to disable detailed logging once you have generated a diagnostic package.
To disable detailed logging:
- Delete the ds_agent.ini file from %SystemRoot% (C:\Windows).
- Restart the Trend Micro Deep Security Agent service.
To enable debug logs without DebugView:
- Create the ds_agent.ini file under system root (c:\Windows or c:\Winnt).
- Input any of the following lines in the ds_agent.ini file:
- Trace=*
Trace.file_name=<log> - Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
Trace.file_name=<log>
In the commands above, "Trace.file_name=<log>" refers to the DSA log file name. Below is an example:
Trace.file_name=dsa_debug_Computer1
Trace.file_count=10
Trace.file_size=1048576
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL - Trace=*
- Restart the DSA service.
- Collect the diagnostic package.
Using the DSM:
- Open the DSM console.
- Go to Actions.
- Click Collect Diagnostic Package.
Using the DSA:
- Open a command prompt and type "cd" command to navigate to the DSA installation folder.
- Type "dsa_control -d" to generate the Diagnostic Package regardless of the diagnostic folder location.
To enable detailed logging:
-
Modify the /etc/syslog.conf (or /etc/rsyslog.conf) file by adding any of the following lines:
local0.info /var/log/messages
local0.* /var/log/messages - Create a file named ds_agent.conf under the /etc directory.
-
Add the following line inside the ds_agent.conf file:
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
This will enable extra tracing for the various sub-components of the Deep Security Agent. If you do not want output from a certain component, just exclude that component from the line.
- Restart the Trend Micro Deep Security Agent Service using this command:
# service ds_agent restart
The output goes to syslog using "local0", so the location depends on your /etc/syslog.conf settings.
Enabling detailed logging of the Agent will generate more details on the diagnostic package. Thus, it will generate larger and more files that may consume disk space.
Make sure to disable detailed logging once you have generated a diagnostic package.
To disable detailed logging:
- Delete /etc/ds_agent.conf.
- Restart the Trend Micro Deep Security Agent service.
To enable detailed logging:
- Create a file named ds_agent.conf under the /etc directory.
- Modify the /etc/syslog.conf file and add “*.info” to the line pointing to /var/adm/messages.
Example:
*.err;kern.debug;daemon.notice;mail.crit;*.info /var/adm/messages
- Restart the syslog service using the following command:
svcadm restart /system/system-log:default
- Modify the ds_agent.conf file by adding the following line:
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
This will enable extra tracing for the various sub-components of the Deep Security Agent. If you don't want to see output from a certain component, just exclude that component from the line.
The output goes to syslog using /var/adm/messages.
Enabling detailed logging of the Agent will generate more details on the diagnostic package. Thus, it will generate larger and more files that may consume disk space.
Make sure to disable detailed logging once you have generated a diagnostic package.
To disable detailed logging:
- Delete the /etc/ds_agent.conf file.
- Restart the Trend Micro Deep Security Agent service.
To enable detailed logging:
- Create a file named ds_agent.conf under the /etc directory.
- Modify the /etc/syslog.conf file by adding “*.info”. Refer to the sample below:
*.info /var/adm/syslog/syslog.log
- Restart the syslog service using these commands:
/sbin/init.d/syslogd stop
/sbin/init.d/syslogd start - Modify the ds_agent.conf file by adding the following line:
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
This will enable extra tracing for the various sub-components of the Deep Security Agent. If you don't want to see output from a certain component, just exclude that component from the line.
The output goes to syslog using /var/adm/syslog/syslog.log.
Enabling detailed logging of the Agent will generate more details on the diagnostic package. Thus, it will generate larger and more files that may consume disk space.
Make sure to disable detailed logging once you have generated a diagnostic package.
To disable detailed logging:
- Delete the /etc/ds_agent.conf file.
- Restart the Trend Micro Deep Security Agent service.
To enable detailed logging:
- Create a filed named ds_agent.conf under the /etc directory.
- Modify /etc/syslog.conf by adding the following line:
local0.info /var/log/syslog
- Restart syslog using this command:
Refresh –s syslogd
- Modify the ds_agent.conf file by adding the following line:
Trace=Appl Beat Cmd Cfg Conn HTTP Log Lstn Srvc SSL
This will enable extra tracing for the various sub-components of the Deep Security Agent. If you don't want to see output from a certain component, just exclude that component from the line.
The output goes to syslog using /var/log/syslog.
Enabling detailed logging of the Agent will generate more details on the diagnostic package. Thus, it will generate larger and more files that may consume disk space.
Make sure to disable detailed logging once you have generated a diagnostic package.
To disable detailed logging:
- Delete the /etc/ds_agent.conf file.
- Restart the Trend Micro Deep Security Agent service.
To know more about the log files and their descriptions, refer to this article: List of log files in Deep Security.