Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Enabling debug logs in Deep Security Manager (DSM)

    • Updated:
    • 13 Oct 2016
    • Product/Version:
    • Deep Security 8.0
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
    • Platform:
    • Linux - Red Hat RHEL 5 64-bit
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Server R2
Summary

When troubleshooting certain issues in DSM, you will need additional debugging parameters to generate more details in the logs.

Details
Public

The server0.log file is the main log output for errors and activities in the DSM.

Enable debug using the following steps:

  1. Stop the Deep Security Manager service.
  2. Open the logging.properties file under:

    For Windows: ..\Program Files\Trend Micro\Deep Security Manager\jre\lib\
    For Linux: /opt/dsm/jre/lib

  3. Add one or more of the debug options enumerated below, depending on the issue you encountered. We recommend adding the lines to the last part of the file for easy monitoring and maintenance.
  4. Save the changes and close the file.
  5. Start the DSM service.

Here are the debugging options:

 
All parameters are case-sensitive.

Option 1: UI Related Issues

  • com.thirdbrigade.manager.webclient.screens.level=ALL

Option 2: Configuration and Protocol Issues

  • com.thirdbrigade.manager.webclient.screens.level=ALL
  • com.thirdbrigade.manager.core.protocol.session.CommandProtocolSession.level=ALL
  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdaterJob.level=ALL

Option 3: Scan Management Issues

  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdater
    Command.level=ALL
  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdater
    CommandGetStatusEvents.level=ALL
  • com.thirdbrigade.manager.core.db.AgentEventPeer.level=ALL

Option 4: Anti-Malware Scan Issues

  • com.trendmicro.ds.antimalware.jobs.HostUpdaterCommandInvokeAntiMalwareScanAction.level=FINE
  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdaterCommandVirtual
    AgentSync.level=FINE
  • com.thirdbrigade.manager.core.db.AgentEventPeer.level=FINE

Option 5: All screens, including Wizard-related Issues

  • com.thirdbrigade.manager.webclient.screens.level = ALL

Option 6:  vCenter-related Issues

  • com.thirdbrigade.manager.core.virtual.level=ALL
  • com.thirdbrigade.manager.core.virtualization.vmware.level = ALL

Option 7:  Database-related Issues

  • com.thirdbrigade.persistence1.level = ALL

Option 8: Startup Information Logging

  • com.thirdbrigade.manager.webclient.initialization.level = ALL
  • com.thirdbrigade.manager.core.Core = ALL
  • com.thirdbrigade.manager.core.security.ClientSecurityManager.level=ALL

Option 9: Host Updater Job (including agent security configuration XML) Debugging

  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdaterJob.level=ALL
  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.HostUpdaterCommand.level=ALL

Option 10: Agent Communication Protocol Logging

  • com.thirdbrigade.manager.core.protocol.level = ALL

Option 11: Detection Engine (ie Recommendation Scans) Logging

  • com.thirdbrigade.manager.core.detectionengine.level=ALL

Option 12: Manager Job-related Issues

  • com.thirdbrigade.manager.core.scheduler.jobschedulers.HostJobScheduler.level=ALL
  • com.thirdbrigade.manager.core.scheduler.JobQueuingThread.level=ALL
  • com.thirdbrigade.manager.core.scheduler.JobCreationThread.level=ALL
  • com.thirdbrigade.manager.core.scheduler.ManagerJobs.level=ALL

Option 13: AD Synchronization Issues

  • com.thirdbrigade.manager.core.util.UserUtilities.level=ALL

Option 14: Dashboard Bean Performance Issues

  • com.thirdbrigade.manager.webclient.screens.DashboardBean.level=ALL
  • com.thirdbrigade.manager.webclient.ScreenServlet.level=ALL (to replace the preceding bullet)

Option 15: Active Update Issues

    • com.thirdbrigade.manager.core.au.level=ALL
    • com.thirdbrigade.manager.webclient.ActiveUpdateServlet.level=ALL
    • com.trendmicro.ds.vulnerabilityprotection.au
 
The entry "com.thirdbrigade.manager.webclient.ActiveUpdateServlet" is deleted after Deep Security 8.0.
The entry "com.trendmicro.ds.vulnerabilityprotection.au" is for the Vulnerability Protection Active Update folder, which is new in Deep Security 9.6.

Option 16: Maintenance Job and Entity Purge-related Issues

  • com.thirdbrigade.manager.core.scheduler.jobschedulers.jobs.MaintenanceJob.level=ALL
  • com.trendmicro.ds.integrity.db.EntityPeer.level=ALL

Option 17: Enable ALL Logging on the manager

  • com.thirdbrigade.level = ALL

After enabling the DSM debug level, you can perform the following upon encountering an issue:

  1. Replicate the issue.
  2. Collect the new diagnostic package from the DSM server. For the procedure, refer to this KB article: Creating the Deep Security diagnostic package.
  3. Send the diagnostic package to Trend Micro Technical Support.

To disable debugging:

  1. Go to %ProgramFiles%\Trend Micro\Deep Security Manager\jre\lib\logging.properties.
  2. Remove the statements added to the end of the log.
  3. Restart the Deep Security Manager service.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1060659
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.