Difference between revisions of "Troubleshooting Files FAQ"

From Swivel Knowledgebase
Jump to: navigation, search
m (1 revision imported)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
{{Template:default}}
 
{{Template:default}}
 
{{Template:how}}
 
{{Template:how}}
 
  
 
= Troubleshooting Files FAQ =
 
= Troubleshooting Files FAQ =
  
Q). What files are useful for troubleshooting
+
To collect troubleshooting files from a Sentry Appliance:
 
 
A). The following files are useful. Please find their common locations listed below:
 
 
 
 
 
== config.xml ==
 
 
 
The file config.xml will be located under the following locations
 
 
 
*Swivel 3.9.1 on appliance: /home/swivel/.swivel/conf
 
*Swivel 3.9.1 on software: USER_HOME/.swivel/conf. Example Windows 7 c:/users/<username>/.swivel
 
*Swivel 3.9 or earlier: /usr/local/tomcat/webapps/pinsafe/WEB-INF/conf
 
*Swivel 3.9 or earlier on software: C:\Program Files\Apache Software Foundation\Tomcat 6.0\webapps\pinsafe\WEB-INF\conf
 
 
 
The config.xml can be be saved from the Swivel administration console by selecting Save Configuration.
 
 
 
 
 
== filter.xml ==
 
 
 
*Swivel 3.9.1 on appliance: /home/swivel/.swivel/conf
 
*Swivel 3.9.1 on software: USER_HOME/.swivel/conf. Example Windows 7 c:/users/<username>/.swivel
 
*Swivel 3.9 or earlier: /usr/local/tomcat/webapps/pinsafe/WEB-INF/conf
 
*Swivel 3.9 or earlier on software: C:\Program Files\Apache Software Foundation\Tomcat 6.0\webapps\pinsafe\WEB-INF\conf
 
 
 
 
 
== pinsafe.log and debug.log ==
 
 
 
*Swivel 3.9.1 on appliance: /home/swivel/.swivel/logs
 
*Swivel 3.9.1 on software: USER_HOME/.swivel/logs. Example Windows 7 c:/users/<username>/.swivel
 
*Swivel 3.9 or earlier: /usr/local/tomcat/webapps/pinsafe/WEB-INF/logs
 
*Swivel 3.9 or earlier on software: C:\Program Files\Apache Software Foundation\Tomcat 6.0\webapps\pinsafe\WEB-INF\logs
 
 
 
Each file is named pinsafe.log and pinsafe.log.n where n is the log file number, the older the log file, the higher the number. Debug files are called debug.log.n. In newer versions (3.9 and later), they are named pinsafe_''date''_''time''.log, where ''date'' and ''time'' are the date and time of the last entry in the file.
 
 
 
The PINsafe log can be saved from the PINsafe administration console by selecting log viewer, and then save, it saves the current page of logs, view other pages and save to view different logs.
 
 
 
If the PINsafe Administration Console cannot be accessed, then the logs can also be viewed the the [[Log Viewer Application]]
 
 
 
For further debugging information see [[Debug how to guide]]
 
 
 
 
 
=== backups of pinsafe.log and debug.log ===
 
 
 
Older logs can be retrieved from the backups located in \backups on appliances. If the backups are stored off server then they can also be viewed.
 
 
 
== Swivel Warning, Error and Fatal log level ==
 
 
 
This folder contains Swivel log messages for differing error levels:
 
Warning
 
Error
 
Fatal
 
 
 
Appliance: /var/log/swivel
 
 
 
 
 
== Tomcat logs ==
 
 
 
Windows: C:\Program Files\Apache Software Foundation\Tomcat 6.0\logs
 
 
 
Appliance: /var/log/tomcat
 
 
 
The following logs are useful for troubleshooting, the most relevant are listed first:
 
 
 
*catalina
 
 
 
*localhost
 
 
 
*tomcatX-stderr
 
 
 
host-manager
 
 
 
manager
 
 
 
commons-daemon
 
 
 
 
 
== server.conf ==
 
 
 
Windows: C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf
 
 
 
Appliance: /usr/local/apache-tomcat-5.5.20/conf
 
 
 
 
 
== MySQL Log ==
 
 
 
If you are using an A/A appliance possibly with DR and the appliance MySQL Db, the following log files may be of use:
 
 
 
/var/log/mysqld.log
 
  
 +
# Log into the Appliance console (SSH or direct).
 +
# Select the option ''Tools and Utilities''
 +
# Select the option ''Collect Support Logs''
 +
# Select one of the options on this menu. You can either copy the logs to a file and download them using SCP or email them. Note that the logs may be very large, so email may not be appropriate.
  
== Messages ==
+
Note the location of the support files: /support/store. The bundle is created as log_files.tar.gz, but the individual files are also available under the log_files folder.
  
Many Appliance OS log messages are stored in the messages file, older versions are sequentially numbered.
+
Note that the bundle is first tarred and then gzipped. Most decompression tools (Windows and Linux) will be able to extract the files, but note that not all will extract them in one go: you may have to extract the .tar file first and then extract the individual files from that.
  
/var/log/messages
+
Note that within the bundle, only the most recent logs are directly readable. Older files will have been gzipped, so need to be unzipped to read them.
  
 +
== Contents of the Support Files Bundle ==
  
== Webmin Logs ==
+
There are 4 folders within the bundle:
  
/var/webmin/miniserv.error
+
=== mysql ===
  
 +
This contains the complete transaction history for the Sentry databases, so the files can be very large. These are only really of interest to Swivel Secure support personnel.
  
= Retrieving the Files from an Appliance =
+
=== sentry ===
  
You can use Webmin to retrieve files (https://<pinsafe_server>:10000). From the top menu, select Others, then Upload and Download. From the sub-menu select Download from Server. See also [[Copying appliance files How to Guide]]
+
This contains the Sentry (Core) logs. Note that these are in XML format. We provide a [[Log_Viewer_Application|Windows tool]] to view them.
  
However, it is often simpler to use a visual SCP tool. The Windows tool we recommend is [http://kb.swivelsecure.com/wiki/index.php/WinSCP_How_To_Guide WinSCP].
+
=== swivel ===
  
 +
This contains several low-level log files:
  
= Log files in Appliance backups =
+
* '''cmi.log''' - records all commands made in the CMI.
 +
* '''error.log''' - records any errors encountered when using the CMI.
 +
* '''swivel.log''' - records certain scheduled activities such as backups
 +
* '''swivel-cmi-install.log''' - records update activities
 +
* '''wizard.log''' - records activities when initialising the apppliance
  
Many of the logs are backed up and on the PINsafe appliance are stored by default daily in the /backups folder and are stored daily. Additionally if off site backups are made such as through FTP, these can also be viewed.
+
=== tomcat ===
  
 +
This folder contains a number of different files relating to the Tomcat process that the Swivel Secure applications run under.
  
= Sending the files to Swivel support =
+
* catalina.out - this is the main Tomcat log file. It is likely to be the most useful file for troubleshooting
 +
* catalina.yyyy-mm-dd.log - this logs certain Tomcat activities not directly related to Swivel Secure applications
 +
* webapps.log - this logs all web connections to port 8080
 +
* webapps2.log - this logs all web connections to port 8443 (or 443 if redirection is enabled)
  
If they are more than 10 Mb in size then they will need to be compressed using winzip or for Unix files ''tar -czf logs.tar.gz <log file or folder>''
+
Note that older logs may be in archived files named according to a common protocol. The dates of these files are the dates on which the archive is created, so if the default rotation schedule is maintained, where logs are archived early in the morning, the archived file will probably contain logs from the day before the date shown.
  
If they are larger than this, then you can use an file sending service such as www.yousendit.com.
+
The remaining files are unlikely to be of interest, and are frequently empty.

Latest revision as of 09:31, 28 September 2021


Troubleshooting Files FAQ

To collect troubleshooting files from a Sentry Appliance:

  1. Log into the Appliance console (SSH or direct).
  2. Select the option Tools and Utilities
  3. Select the option Collect Support Logs
  4. Select one of the options on this menu. You can either copy the logs to a file and download them using SCP or email them. Note that the logs may be very large, so email may not be appropriate.

Note the location of the support files: /support/store. The bundle is created as log_files.tar.gz, but the individual files are also available under the log_files folder.

Note that the bundle is first tarred and then gzipped. Most decompression tools (Windows and Linux) will be able to extract the files, but note that not all will extract them in one go: you may have to extract the .tar file first and then extract the individual files from that.

Note that within the bundle, only the most recent logs are directly readable. Older files will have been gzipped, so need to be unzipped to read them.

Contents of the Support Files Bundle

There are 4 folders within the bundle:

mysql

This contains the complete transaction history for the Sentry databases, so the files can be very large. These are only really of interest to Swivel Secure support personnel.

sentry

This contains the Sentry (Core) logs. Note that these are in XML format. We provide a Windows tool to view them.

swivel

This contains several low-level log files:

  • cmi.log - records all commands made in the CMI.
  • error.log - records any errors encountered when using the CMI.
  • swivel.log - records certain scheduled activities such as backups
  • swivel-cmi-install.log - records update activities
  • wizard.log - records activities when initialising the apppliance

tomcat

This folder contains a number of different files relating to the Tomcat process that the Swivel Secure applications run under.

  • catalina.out - this is the main Tomcat log file. It is likely to be the most useful file for troubleshooting
  • catalina.yyyy-mm-dd.log - this logs certain Tomcat activities not directly related to Swivel Secure applications
  • webapps.log - this logs all web connections to port 8080
  • webapps2.log - this logs all web connections to port 8443 (or 443 if redirection is enabled)

Note that older logs may be in archived files named according to a common protocol. The dates of these files are the dates on which the archive is created, so if the default rotation schedule is maintained, where logs are archived early in the morning, the archived file will probably contain logs from the day before the date shown.

The remaining files are unlikely to be of interest, and are frequently empty.