Log files – Microsoft Windows
Introduction
The Desktop Agent and Server Agent have two log modes: the normal mode and the “Verbosity” mode, which provides more detailed information about each data collection point, data processing, and transmission. In some cases, the “Verbosity” mode may be requested, for all other cases, keep only the default mode.
The log files will support our support team in identifying issues or tracking specific information. Below are the directories and files we may request:
Installation
Installation logs: “C:\Automatoslog”
Note: Please compress this directory as a “.zip” file and send it to us when requested.
Desktop and Server Agent – Default mode
Agent and Relay
Desktop Agent logs:
"C:\Program Files (x86)\Automatos\Desktop Agent\tmp"Server Agent logs:
"C:\Program Files (x86)\Automatos\Automatos Server Agent\tmp"Note: Please compress this directory as a “.zip” file and send it to us when requested.
In some cases, it may be necessary to copy this directory before compressing it, as some files may be in use.
Automatos Auto Update (AAU)
AAU logs:
“C:\Windows\aau_installer.log
“C:\Windows\aau_service.log
Note: The files “aau_service.log” and “aau_installer.log” may be requested when there is an analysis related to WAN distribution from the CIQ ITAM portal.
Automatos Software Uninstaller (ASU)
ASU Logs:
“C:\Program Files (x86)\Automatos\Software Uninstaller\HOSTNAME~UnInstall.Log
“C:\Program Files (x86)\Automatos\AwSetup”
Note: The log file will be named using the format: HOSTNAME + UnInstall.Log
Please compress this directory as a “.zip” file and send it to us when requested.
Desktop and Server Agent – Verbose mode (detailed)
Enable verbose mode on the agent or relay as requested by our support team. In some cases, it will be necessary to enable verbose mode on both the agent and the relay.
Below are the commands to be executed in the CMD (Command Prompt)
Step 1 – Kill the processes and stop the services
Desktop Agent:
taskkill /F /IM aengine.exe
taskkill /F /IM arelay.exe
sc stop "AutomatosDesktopAgent"
sc stop "AutomatosRelay"Note: If the agents were installed with communication via Relay Central, the process “arelay.exe” and the service “AutomatosRelay” will not exist.”
Server Agent
taskkill /F /IM aengine.exe
taskkill /F /IM arelay.exe
sc stop "AutomatosServerAgent"
sc stop "AutomatosRelay"Note: If the agents were installed with communication via Relay Central, the process “arelay.exe” and the service “AutomatosRelay” will not exist.”
Step 2 – Change the registry key
Desktop Agent:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Ada\Engine\3.0" /v "Verbosity" /t REG_DWORD /d 7 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Relay\3.0" /v "Verbosity" /t REG_DWORD /d 7 /fServer Agent:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Engine\3.0" /v "Verbosity" /t REG_DWORD /d 7 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Relay\3.0" /v "Verbosity" /t REG_DWORD /d 7 /fStep 3 – Start the services
Desktop Agent:
sc stop "AutomatosDesktopAgent"
sc stop "AutomatosRelayNote: If the agents were installed with communication via Relay Central, the service “AutomatosRelay” will not exist.”
Server Agent:
sc stop "AutomatosServerAgent"
sc stop "AutomatosRelay"Note: If the agents were installed with communication via Relay Central, the service “AutomatosRelay” will not exist.”
Step 4 – Compress log files
Required: Please wait at least 30 minutes with verbosity enabled before compressing the directory to send it to us.
Desktop Agent logs:
“C:\Program Files (x86)\Automatos\Desktop Agent\tmp”
Server Agent logs:
“C:\Program Files (x86)\Automatos\Automatos Server Agent\tmp”
Note: Please compress this directory as a “.zip” file and send it to us.
In some cases, it may be necessary to copy this directory before compressing it, as some files may be in use.
Step 5 – Disable Verbosity
After sending us the log directories, we recommend disabling verbosity to prevent the log file from becoming too large. Set the value of “Verbosity” to 0:
Desktop Agent:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Ada\Engine\3.0" /v "Verbosity" /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Relay\3.0" /v "Verbosity" /t REG_DWORD /d 0 /fServer Agent:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Engine\3.0" /v "Verbosity" /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Automatos\Asa\Relay\3.0" /v "Verbosity" /t REG_DWORD /d 0 /f