Log Viewer truncates entries unexpectedly in WebServers 3.0 (NETIQKB31538)

  • Document ID:7731538
  • Creation Date:02-Feb-2007
  • Modified Date:08-Sep-2008
    • Micro Focus Products:
      Secure Configuration Manager

Resolution

fact
VigilEnt Security Agent for WebServers 3.0

symptom
Log Viewer truncates entries unexpectedly in WebServers 3.0

cause
The line delimiter character is used to determine when a log entry ends. A line delimiter character should be a non-printing character; for example, \n or \x0D.

fix

The Edit System Configuration window is used to edit the settings of the VigilEnt Security Agent for WebServers log file. The navigation pane (left side of screen) can be used to jump directly to each section of the window. You can view VigilEnt Security Agent for WebServer log files using the Detect/Prevent Log Viewer, available at Start | Programs | VigilEnt Security Agent | IDS Log Viewer.


To edit system configuration, follow these steps:

  1. Click the Detect/Prevent tab in the main VigilEnt Security Agent for WebServers window.

  2. Select Manage Web Servers on the subnavigation bar. The Web Server Manager window opens, listing all web server configurations that have been added.

  3. Click the Edit System icon next to the configuration to be edited.

    • Note: If the configuration to be edited is listed as active in the Web Server Manager window, the System Configuration Editor can be accessed using the Edit System Configuration link on the subnavigation bar.

    • Note: Links to all settings for the selected configuration are listed in the navigation pane on the left side of the screen.

  4. Use the option in the Hot Update section to determine whether the system administrator can update the VigilEnt Security Agent for Web Servers configuration without restarting the web server.

    • Enabled: Select True to allow the system administrator to update the configuration without restarting the web server.

    • Note: If this setting is disabled, the web server must be restarted to accept changes.

  5. VigilEnt Security Agent for WebServers sends messages to a log file. Use the options in the VigilEnt Security Agent for WebServers Log File section to determine the set up of the log file.

    • Prefix: The default entry saves the log files in the directories created at installation time. This entry can be changed to place the log files in a different location.

    • Roll Method: Entries in Roll Method and Roll Frequency are used to determine how often new log files are started. In Roll Method, select the base time interval to be used to determine when new logs are started.

    • Roll Frequency: This entry is used with the entry in Roll Method. For example, set Roll Method to ROLL_BY_HOUR and Roll Frequency to 12 to cause new logs to be started twice each day.

    • Encrypt: Encryption can be used in instances in which the log files must be kept secure. Encrypt and Encrypt Key are used together to encrypt log files. Select True to enable encryption.

    • Encrypt Key: Type a key used to encrypt the log file. The key must be between 8 and 32 characters in length. For security reasons, when revisiting this window, the number of characters displayed may not equal the actual number of characters in the key.

    • Encrypt Key (Repeat to Confirm): Retype the encryption key.

    • Synchronize Write Access: Select True only if multiple processes write to the same log file, resulting in jumbled log entries. In all other situations, False is the suggested setting.

    • Line Delimiter: The line delimiter character is used to determine when a log entry ends. A line delimiter character should be a non-printing character; for example, \n or \x0D.

  6. Use the options in the Logging Level section to determine the amount of system information sent to the log file. Select a logging Level based on the following:

    • FATAL?Reports only messages as.
      sociated with errors that stopped the agent.

    • ERROR?Reports unrecoverable errors that are not severe enough to stop the agent.

    • WARN?Reports recoverable errors or undesirable conditions that do not adversely affect the Detect/Prevent software.

    • INFO?The most common setting, that sends start, stop, and reconfiguration messages in addition to warning and error message to the log.

    • DEBUG?Generates very large amounts of trace and debug information. This should not be used in production environments.

  7. Click Save. Your changes are saved and the Web Server Manager window opens.


Note: The Reset button can be used to reverse all parameter changes made during this editing session..


Additional Information

Formerly known as NETIQKB31538