THE INFORMATION IN THIS ARTICLE APPLIES TO:
Log levels in EFT default to the TRACE or INFO setting, which is standard or typical logging. If you need more details in your logs, change the logging configuration to an extended or verbose log level in logging.cfg (i.e., to DEBUG). This extended level of detail in your logs will help you pinpoint where the trouble lies. Two examples are provided below.
Note: it is recommended that you only use verbose logging during debugging or troubleshooting. It will produce a large amount of data and quickly use up your processing speed and drive space.
Set the SSL logging level to DEBUG to see whether the connection was accepted, and which protocol version, cipher, and key length were used in the connection:
DEBUG SSL <> - SSL connection accepted; protocol version = TLSv1.2, cipher = ECDHERSA-AES128-GCM-SHA256, key length = 128
Use the following example for logging SFTP information to set up a separate file appender for verbose logs, which should make data capture and analysis a bit more manageable.
- Specify the following settings in the logging.cfg file:
(This is the separate location where the logs will be saved.)
log4cplus.appender.SFTPFileAppender.filters.2.StringToMatch=Handling SSH_MSG_USERAUTH_REQUEST for user
- After using verbose logging for few days (or however long is needed), copy the EFT-SFTP-*.log files to a new folder for processing by the attached script. (You have to copy the log files to a separate folder for analysis because PowerShell cannot open files that EFT is holding open.)
- Run the attached PowerShell script (specific to this SFTP example) against those log files in that new folder from the last step to generate a CSV file with the results. Be sure to change the path in the script to the location in which you have created a new folder.
Analysis can be performed against the results easily in Excel.