Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Enabling Anti-Malware debug log in Deep Security Virtual Appliance (DSVA) 9.5

    • Updated:
    • 1 Apr 2015
    • Product/Version:
    • Deep Security 9.5
    • Platform:
    • CentOS 6 64-bit
Summary
The steps and behavior to enable Anti-Malware debug logs for agentless protected virtual machines in Deep Security Virtual Appliance (DSVA) is different between DSVA 9.0 (and below) and DSVA 9.5.
Deep Security 9.0 uses Ubuntu platform while DSVA 9.5 uses CentOS. Log name and location in verison 9.5 also differ from the lower versions.
Details
Public
To enable Anti-Malware debug log in DSVA 9.5:
  1. Log in to the DSVA console.
  2. Press ALT + F2 to open the non-graphical console.
  3. Enter the following credentials:
    username: dsva
    password by default: dsva
  4. Switch to root with using the following command:
    sudo -s
  5. To increase the debug level of Anti-Malware, run the following command: 
    killall -USR1 ds_am
  6. In DSVA 9.5, there is no output for the command in Step 5 to tell the current debug level. To know the current debug level, check the AM log file: /var/opt/ds_agent/diag/ds_am.log. Look for the "debug_level changed" keyword. For example:
    2014-11-12 09:36:11.533774: [ds_am/0] | debug_level changed: 8->7  | main.cpp:978:dec_debug_level | 65C:65C:957::

    2014-11-12 09:36:11.534175: [ds_am/0] | debug_level changed: 7->6  | main.cpp:978:dec_debug_level | 65C:65C:958::

    2014-11-12 09:36:12.542703: [ds_am/0] | debug_level changed: 6->5  | main.cpp:978:dec_debug_level | 65C:65C:959::

  7. To easily monitor the debug level change, open another screen and run the following command with root privilege:
    tail -f /var/opt/ds_agent/diag/ds_am.log  | grep "debug_level changed"
  8. For real-time scan related issues, increase the debug level to eight (8) or higher. After reproducing the issue, decrease the debug level to five (5) or lower using the "killall -USR2 ds_am" command.
  9. Create a diagnostic package for the DSVA and the debug log will be included in the diagnostic package.
Premium
Internal
Rating:
Category:
Troubleshoot; SPEC
Solution Id:
1105889
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.