Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
What is an Agent?What is a Policy?Working with Agents - OverviewWorking with Policies - OverviewHow to Assign a PolicyHow to Bulk Assign a PolicyHow to Assign Tags to an AgentHow to Remove an AgentHow to Bulk Assign Watcher PolicyHow to Work with Activity Watcher Policies
How to Create a Policy
How to Create a New Policy Using the WizardHow to Create a Policy Using the Wizard - Agent Operations - Advanced OptionsHow to Create a Policy Using the Wizard - Additional SettingsHow to Create a Policy Using the Wizard - Additional Settings - Advanced OptionsHow to Create a Policy Using the Wizard - Local Reporting OptionsHow to Create a Policy Using the Wizard - Local Logging OptionsHow to Create a Policy Using the Wizard - Local Logging - Advanced Options
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
Additional Resources
Reports
Reporting API
Customer Support Articles

How to Create a Policy Using the Wizard - Local Logging Options

These settings control where and how to log informational and error messages as well as how to create new logs, log user actions, and set log formats. The level of detail to log is configured here.

After completing the Local Reporting page of the Create Policy wizard, click the Next button to proceed to the Local Logging page to input more detailed options.

Use the following steps to set your local logging options:

  1. On the Local Logging screen, you can input logging settings.
  2. Expand the section for more information:

Local Logging Options

Use the table below to help you fill in the Local Logging screen:

These settings control where and how to log informational and error messages as well as how to create new logs, log user actions, and set log formats. The level of detail to log is configured here.

Setting Name

Options

Description

Types

Auto Action - Do Messages

  • Do not log messages (0) (Default)
  • Log messages (1)

This setting controls logging informational messages when performing auto-actions.

  • Do not log messages - Do not log informational messages when performing auto-actions
  • Log messages - Log informational messages when performing auto-actions

Auto Action - Do Errors

  • Do not log errors (0) (Default)
  • Log errors (1)

This setting controls logging error messages when performing auto-actions.

  • Do not log errors - Default. Do not log error messages when performing auto-actions
  • Log errors - Log error messages when performing auto-actions

Auto Action - Do Action

  • Do not log user actions (0) (Default)
  • Log user actions (1)

This setting controls logging user actions when performing auto-actions.

  • Do not log user actions - Default. Do not log user actions when performing auto-actions
  • Log user actions - Log user actions when performing auto-actions

Do Messages

  • False (0)
  • True (1) (Default)

This setting controls logging informational messages.

  • False - Do not log informational messages
  • True - Default. Log informational messages

Do Errors

  • False (0)
  • True (1) (Default)

This setting controls logging error messages.

  • False - Do not log error messages
  • True - Default. Log error messages

Do Debug

  • False (0)
  • True

This setting controls logging debug messages.

  • False - Default. Do not log debug messages
  • True - Log debug messages

Do Secure Items Skipped

  • False (0)
  • True (Default)

This setting controls logging items skipped because they were secure.

  • False - Do not log secure items skipped
  • True - Default. Log items skipped

Enable Logging

  • Disable (0)
  • Enable (1) (Default)

The setting for logging information when performing updates

  • When the Client Updates feature of the console is used, the endpoint service can update itself as well as the client application.
  • Disable - Do not log information when performing updates
  • Enable - Log information when performing updates

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Retention

  • New log every search (0) (Default)
  • Append to previous log (1)

This setting controls the method for creating new logs.

  • Specify the method for creating new logs

Do Locations Searched

  • False (0)
  • True

This setting controls logging each location searched.

  • True - Log locations searched
  • False - Do not log locations searched

Do Matching Locations

  • False (0)
  • True

This setting controls logging each location with a match.

  • True - Log locations containing matches
  • False - Do not log locations containing matches

Do User Actions

  • False (0)
  • True (1) (Default)

This setting controls logging user actions:

  • False - Do not log user actions
  • True - Log user actions

Log Format

  • Fixed width (0) (Default)
  • Comma Separated (1)
  • Tab separated (2)

This setting controls the format for the logs.

  • Specify the format for the log file

Log Types

  • Error
  • Information
  • Debug
  • Search Result
  • Locations Containing Matches
  • File Searched
  • Location Searched
  • Secure Item Skipped
  • Location Skipped
  • User Action

This setting controls log message types read by the console.

  • Specify which log message types are to be read by the console and inserted into the console database.
  • When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.
  • When created in the Windows Registry, they are of type REG_DWORD.
  • When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.
  • When entered into a security template (.inf) file, they should be entered in decimal.

Description

Value

Default

Error

0x00000001

On

Information

0x00000002

On

Debug

0x00000004

On

Search Result

0x00000008

On

Locations Containing Matches

0x00000010

On

File Searched

0x00000020

On

Location Searched

0x00000040

On

Secure Item Skipped

0x00000080

On

Location Skipped

0x00000100

On

User Action

0x00000200

On

 

Send Logs

  • Disable (0) (Default)
  • Enable (1)

This setting controls sending logs to the console.

  • Enable - Send the endpoint logs to the console.
    • Endpoint logs can create a large amount of data in the console database which can decrease performance of the console application.
    • It is recommended that this setting only be enabled for specific endpoints during initial configuration/evaluation and during troubleshooting.
  • Disable - Do not send the endpoint logs to the console.

Standard Operations

  • Disable Logging (Default) (0)
  • Log Informational Messages (1)
  • Log Debugging Messages (2)
  • Log Detailed Trace Messages (3)
  • Log All Messages (4)

When using Sensitive Data Watcher's Email component (internally email change monitor service), it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (for example, Info, Error).

The following log levels are available:

  • Disable logging (Default): No logging messages will be recorded.
  • Log Informational Messages: Standard logging.
  • Log Debugging Messages: Comprehensive logging.
  • Log Detailed Trace Messages: Detailed trace logging.
  • Log all messages: Capture all log messages

Note: Logging beyond the default level, especially the maximum level, creates very large log files and may contain sensitive information.

Discovery Teams

  • Disabled (Default) (0)
  • Standard Logging (1)
  • Additional Logging (2)
  • Comprehensive Logging (3)
  • Full Logging (4)

This setting controls the level of detail to log when searching with Discovery Teams.

When searching with Discovery Teams, it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (example: Info, Error) .

The following log levels are available:

  • Disabled
  • Standard Logging
  • Additional Logging
  • Comprehensive logging
  • Full logging
    Note: Logging beyond the default level, especially the maximum level, may create very large log files and may contain sensitive information.

*This setting applies Windows and Linux. Mac OS is excluded.

Location Based Operations

  • Default (Default) (0)
  • Log Informational Messages (1)
  • Log Debugging Messages (2)
  • Log Detailed Trace Messages (3)
  • Log All Messages (4)

This setting controls the level of detail to log when an Agent acting upon a location (example: c:\private files\psswd\passwords.txt) such as scanning, remediation, etc.. If an error is thrown when trying to scan a specific file set one of the following log levels:

  • Default: No logging messages will be recorded.
  • Log Informational Messages: Standard logs are recorded
  • Log Debugging Messages: Comprehensive logs are recorded
  • Log Detailed Trace Messages: Detailed trace logs are recorded
  • Log all messages: Capture all log messages are recorded

Note: Logging beyond the default level, especially the maximum level, may create very large log files and may contain sensitive information.

  1. Click Advanced Options to input more detailed options.
  2. For information about Advanced Local Logging Options, see the page the Local Logging - Advanced Options.


Was this article helpful?

Powered by Product Fruits