Menu

Search

GlobalSCAPE Knowledge Base


Using EFT verbose logging


kmarsh
EFT Express (SMB) & Enterprise

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT v7.4 and later

DISCUSSION

Log levels in EFT default to the TRACE or INFO setting, which is standard or typical logging. If you need more details in your logs, change the logging configuration to an extended or verbose log level in logging.cfg (i.e., to DEBUG). This extended level of detail in your logs will help you pinpoint where the trouble lies. Two examples are provided below.

Note: it is recommended that you only use verbose logging during debugging or troubleshooting. It will produce a large amount of data and quickly use up your processing speed and drive space.

EXAMPLE 1:

Set the SSL logging level to DEBUG to see whether the connection was accepted, and which protocol version, cipher, and key length were used in the connection:

DEBUG SSL <> - SSL connection accepted; protocol version = TLSv1.2, cipher = ECDHERSA-AES128-GCM-SHA256, key length = 128

EXAMPLE 2: 

Use the following example for logging SFTP information to set up a separate file appender for verbose logs, which should make data capture and analysis a bit more manageable.

  1. Specify the following settings in the logging.cfg file:
  2. log4cplus.appender.SFTPFileAppender=log4cplus::RollingFileAppender

    log4cplus.appender.SFTPFileAppender.File=${AppDataPath}\EFT-SFTP-${COMPUTERNAME}.log
    (This is the separate location where the logs will be saved.)

    log4cplus.appender.SFTPFileAppender.MaxFileSize=20MB

    log4cplus.appender.SFTPFileAppender.MaxBackupIndex=5

    log4cplus.appender.SFTPFileAppender.layout=log4cplus::TTCCLayout

    log4cplus.appender.SFTPFileAppender.layout.DateFormat=%m-%d-%y %H:%M:%S,%q

    log4cplus.logger.SFTP=TRACE, SFTPFileAppender

    log4cplus.additivity.SFTP=false

    log4cplus.appender.SFTPFileAppender.filters.1=log4cplus::spi::StringMatchFilter

    log4cplus.appender.SFTPFileAppender.filters.1.StringToMatch=Received SSH_MSG_KEXINIT

    log4cplus.appender.SFTPFileAppender.filters.1.AcceptOnMatch=true

    log4cplus.appender.SFTPFileAppender.filters.2=log4cplus::spi::StringMatchFilter

    log4cplus.appender.SFTPFileAppender.filters.2.StringToMatch=Handling SSH_MSG_USERAUTH_REQUEST for user

    log4cplus.appender.SFTPFileAppender.filters.2.AcceptOnMatch=true

    log4cplus.appender.SFTPFileAppender.filters.3=log4cplus::spi::DenyAllFilter

  3. After using verbose logging for few days (or however long is needed), copy the EFT-SFTP-*.log files to a new folder for processing by the attached script. (You have to copy the log files to a separate folder for analysis because PowerShell cannot open files that EFT is holding open.)
  4. Run the attached PowerShell script (specific to this SFTP example) against those log files in that new folder from the last step to generate a CSV file with the results. Be sure to change the path in the script to the location in which you have created a new folder.

Analysis can be performed against the results easily in Excel.


Attachments

ParseLogFilesForSFTPKex.zip 1.00 KB, 39 views

Also In This Category


On a scale of 1-5, please rate the helpfulness of this article


Not Helpful
Very Helpful
Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: Last Month
Last Modified By: kmarsh
Type: HOWTO
Article not rated yet.
Article has been viewed 701 times.
Options
Find Similar