How do I turn debug on or off for rules and rule groups? (NETIQKB47491)

  • 7747491
  • 02-Feb-2007
  • 10-Oct-2007


How do I turn debug on or off for rules and rule groups?

How do I change the level of detail available for troubleshooting?

VigilEnt Security Agent for Unix 5.0

Unix Manager 5.0


To change the debug level for rules or rule groups:

  1. In the Unix Manager console, click Rules Manager.
  2. Expand the rule set.
  3. To change the debug level for a rule group:
       a. Right-click the Group:{rulegroupname} you want to change and click Edit.    
       b. Click Advanced.
       c. Move the Debug Level slide to the level you want. 
       d. Click OK.
  4. To change the debug level for a specific rule:
       a. Expand the Group:{rulegroupname}. 
       b. Right-click the Rule:{rule} you want to change and click Edit.
       c. Click Advanced.      
       d. Move the Debug Level slide to the level you want.      
       e. Click OK.
  5. Click File > Save or Save As > File > To Host(s).
  6. Highlight the computer where you want to send the rule set.
  7. Click Select to copy the rule set to detect.xml/vsaunix/{OS}/vsau/local/cache on the agent.

For information about the size of the debug records, see the NetIQ Knowledge Base article NETIQKB47496: "How do I clean up the debug files on the Unix agent?" at

Rule group and individual rule debug can be turned on independently of each other. However you might not have enough information to troubleshoot. For more information, see the NetIQ Knowledge Base article NETIQKB47424: "How do I turn debug on or off for rules or rule groups?" at

The detect loader, ./perl -  vrun detectd, looks for a new detect.xml file each minute and loads it when found. In some cases, this process will result in all the groups being restarted.

Additional Information

Formerly known as NETIQKB47491