THE INFORMATION IN THIS ARTICLE APPLIES TO:
- EFT Server (All Versions)
DISCUSSION
When EFT Server’s Download and Copy/Move action offloads or downloads files to/from other servers, the session is recorded to a log file: cl[yymmdd].log, e.g., cl060312.log.
The log file is formatted as: Time; Protocol; Host Name; Port; User Name; Local Path; Remote Path; Operation; GetLastCode
For example:
2006-03-06 10:11:03; ftp; 192.168.20.171; 21; ClientA; C:\test1.txt; /test1.txt; download; 226;
(In v6.4 and later) A tenth column can be added to
the CL log by adding an advanced property,"Enable10ColumnInClientLog" with the value of 0, success, or 1, failure. The tenth column indicates
status of the Event, Success (0) or Failure (1).
With the tenth column enabled, the CL log columns are:
TIME | PROTOCOL | HOST | PORT | USER | LOCAL_PATH | REMOTE_PATH | OPERATION | LAST_RESULT_CODE | ACTION_RESULT
If ACTION_RESULT = 0, any "if action FAILED" Actions in the Rule are skipped.
To enable the tenth column
In v8.0 and later, add the name:value pair to the advancedproperties.json file as described in the "Advanced Properties" topic in the online help for your version of EFT.
{
"Enable10ColumnInClientLog": "1"
}
In versions prior to v8.0:
Create the DWORD Enable10ColumnInClientLog at the following path:
32-bit: HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0
64-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 4.0
Value:
0 or not present = disabled
1 = enabled
The log can be used for trouble-shooting connection and transfer errors. The "GetLastCode" value returns the protocol success or error code or socket error. For example, trying to connect to an non-existent website will result in the socket error code 10060, connection timeout. EFT Server defines a few of its own:
- 0 - Success (connected ok)
- 1 - General socks failure
- 2 - Socket connection not allowed by ruleset
- 3 - The network is unreachable
- 4 - The host is unreachable
- 5 - The remote server actively refused the connection
- 6 - The Time To Live (TTL) expired. This could indicate a network problem.
- 7 - The command was not supported by the remote host. Also a catch all error code.
- 8 - The address type or format is not supported
- 10 - Illegal socks name
- 11 - Socks5 authentication failure (username/password incorrect)
- 12 - Can't connect to socks server
- 2000 - Internal timeout error code (multiple reasons, such as firewall blocking connection, etc.)
FTP and FTP over SSL only return protocol-level success and error codes. For example, a successful transfer would return 226 or a bad login password would return 530. Refer to RFC 959 for a complete list of FTP/S return codes.
SFTP (SSH2) returns the following success and error codes:
- -1 - Undefined or unknown error (not enough information to determine exactly why it failed)
- 0 - The operation completed successfully
- 1 - The operation failed because of trying to read at end of file
- 2 - The requested file does not exist
- 3 - Insufficient privileges to perform the operation
- 4 - The requested operation failed for some other reason
- 5 - A badly formatted message was received. This indicates an error or incompatibility in the protocol implementation
- 6 - Connection has not been established (yet) and a timeout occurred
- 7 - Connection to the server was lost, and the operation could not be performed
- 8 - A timeout occurred