iSheriff Endpoint Security: Acquiring Logs

 

Introduction:

The below mentioned log files are required by our technical support to assist you with the Endpoint issues promptly.

 

Contents:

· iSheriff Endpoint Isf log 

· iSheriff Endpoint Debug Logs.

· iSheriff Endpoint Header Capture 

· iSheriff Endpoint Network Capture.

  

iSheriff Endpoint ISF logs:

File name: isf.log

Default location of the log file: %Program Files%\CloudClient\log

 

Configuration files:

Isf.cfg

Isf.local


 

 

Note

The above two files are present in the same folder as the isf.log

 

iSheriff Endpoint Debug Logs:

Instructions to collect the Debug logs:


Open the command prompt

· Click on Start à run

· Type cmd

· Hit enter


Browse to the Cloud Client Directory.

· cd command is used to browse to a directory in Microsoft Windows/Linux

· On a 32 bit machine: cd C:\Program Files\CloudClient

· On a 64 bit machine: cd C:\Program Files (x86)\CloudClient

· Hit Enter.


Type the following Command:

isfacs.exe debug -3 > debug.txt


Hit enter

 

Duplicate the issue and let the command for at least 5 minutes. Press ctrl+c to end the command.

 

debug.txt file should be present under %Program Files%\CloudCleint\log

 

Here is a list of common command line parameters that isfacs understands (Windows version):

 

-ver : show service version

browset: set pacfile information in every known browser and lock network options modification

browunset: remove PAC file information from browsers and unlock network options

 

iSheriff Endpoint Header Capture:

Header capture logs are acquired in order to capture the all the traffic travelling through port 80 on a particular machine that has the Endpoint Client Installed. It is used specifically if Web Filtering is Active and enabled through the Endpoint

Follow the instructions on the machine on which the issue occurs:

 

· Open the browse on a test machine and type the following URL to view the debug page:

http://127.0.0.1:8000/debug

· Select Yes from the drop down list besides Headers Capture (Content Filtering Only):


· Click on Apply

· Duplicate the issue and click on Download.

· Save the file at a desired location.

 

iSheriff Endpoint Network Capture:

Network Capture logs are acquired to capture all the network activity through the machine that has the Endpoint Installed.

The above logs are useful in connectivity/download issues.

Follow the instructions on the machine on which the issue occurs:


· Open the browse on a test machine and type the following URL to view the debug page:

http://127.0.0.1:8000/debug

· Select Yes from the drop down list besides Network Capture:

  

· Click on Apply

· Duplicate the issue and Click on Download.

· Save the file at a desired location.


Warning.png

WARNING

Leaving the debugging running may create very large debugging files. You may end up running out of disk space. It is highly recommend disabling debugging after you have collected the information.