Web Security debug logging using Endpoint Client

 

When troubleshooting Web connectivity issues, it is helpful to capture web traffic. You may use wireshark or if you have endpoint installed on the machine, you may use that as well. Endpoint comes with two type of captures: 

 

Header Capture:

Header capture logs are acquired in order to capture the all the traffic travelling through port 80 on a particular machine that has the Endpoint Client Installed. It is used specifically if Web Filtering is Active and enabled through the Endpoint 

Follow the instructions on the machine on which the issue occurs:

 

· Open the browse on a test machine and type the following URL to view the debug page:

http://127.0.0.1:8000/debug

· Select Yes from the drop down list besides Headers Capture (Content Filtering Only):

 


· Click on Apply

· Duplicate the issue and click on Download.

· Save the file at a desired location.

 

Network Capture:

Network Capture logs are acquired to capture all the network activity through the machine that has the Endpoint Installed.

The above logs are useful in connectivity/download issues.

Follow the instructions on the machine on which the issue occurs:

 

· Open the browse on a test machine and type the following URL to view the debug page:

http://127.0.0.1:8000/debug

· Select Yes from the drop down list besides Network Capture:

 

  

· Click on Apply

· Duplicate the issue and Click on Download.

· Save the file at a desired location.


Warning.png

WARNING

Leaving the debugging running may create very large debugging files. You may end up running out of disk space. It is highly recommend disabling debugging after you have collected the information.