Secure Global Desktop 4.31 Administration Guide > Arrays, servers and load balancing > Using log filters to troubleshoot problems with the Secure Global Desktop server

Using log filters to troubleshoot problems with the Secure Global Desktop server

When you first install Secure Global Desktop, the default log filters log all errors on the Secure Global Desktop server. If you want to obtain more detailed information, for example to troubleshoot a problem, you can set additional log filters. You set additional log filters by:

typing the filter directly into the Log Filter field on the Array properties panel of Array Manager.
Each filter must be separated by a RETURN.
using the tarantella config edit --array-logfilter command.
Each filter must be separated by a space.

Each filter has the form:
component/sub-component/severity:destination.

The options for each part of the filter and how you view the log output are described below.

Note Log filters can create large amounts of data. It is good practice to set as specific a filter as possible and then remove the filter when you have finished with it.

Selecting a component and sub-component

Selecting a component and sub-component allows you to choose the area of information you want to log from the Secure Global Desktop server. The table below shows the available component/sub-component combinations and an explanation of the kind of information this will produce.

Component and sub-component	Information provided
`admin/auth`	Authentication of Secure Global Desktop Administrators and the UNIX root user. Example use: to find out why an Administrator is unable to run Object Manager.
`admin/gui`	Using Array Manager and Object Manager. Example use: to find out why you can not create an object in Object Manager.
`admin/jndi`	The Java Naming and Directory Interface (JNDI). Example use: to find out why a naming error with an object in ENS has happened.
`admin/misc`	Miscellaneous messages from using the administration tools. Example use: to find out why default profile objects are not available.
`admin/status`	Verbose logging for the `tarantella status` command. Example use: to find out why the `tarantella status` command is failing.
`admin/webtopsession`	Records of webtop sessions. Example use: to find out why a record of user's webtop session can not be found.
`audit/glue`	Audit of changes made to the Secure Global Desktop server configuration or to your ENS configuration and who made the changes. Example use: to find out who made changes to a person object.
`audit/license`	License use across an array of Secure Global Desktop servers. Example use: to find out why the use of licenses is not being recorded.
`audit/session`	Starting and stopping webtop and emulator sessions. Example use: to find out how long a user had an emulator session running.
`cdm/audit`	Authorization of Secure Global Desktop user for client drive mapping (CDM) purposes. Example use: to find out whether a user's credentials are causing CDM to fail.
`cdm/server`	Information about CDM services. Example use: to find out whether a client connection error is causing CDM to fail.
`common/config`	How Secure Global Desktop server configuration is stored and copied across the array. Example use: to find out why an array-wide configuration change is not being applied to a Secure Global Desktop server.
`metrics/glue`	Memory and timings. Example use: to find out how long it took to run a Secure Global Desktop command.
`metrics/soap`	The SOAP component of Tomcat's SOAP proxy. Example use: to trace how long it took a SOAP request to finish.
`server/billing`	Secure Global Desktop billing services. Example use: to find out why billing data is being lost.
`server/common`	General Secure Global Desktop information. Example use: to troubleshoot DNS errors.
`server/config`	Changes to Secure Global Desktop server configuration. Example use: to log changes to Secure Global Desktop server configuration or to find out if the configuration has become corrupt.
`server/csh`	The Secure Global Desktop client session handler. Example use: to find out why a user can not re-start an application session.
`server/deviceservice`	Mapping of users to accessible device data. Example use: to find out why a user can not access client drives.
`server/diskds`	Information about the ENS database. Example use: to get information about corrupt objects or inconsistencies in ENS.
`server/glue`	The Secure Global Desktop ASAD protocol used in requests from Secure Global Desktop clients to log in or launch applications or to communication between Secure Global Desktop servers. Example use: to find out why a user can't launch an application.
`server/install`	Installation and upgrades. Example use: to investigate problems with an installation.
`server/kerberos`	Windows Kerberos authentication. Example use: to find out why an Active Directory user can't log in.
`server/launch`	Launching or resuming applications. Example use: to find out why a user can't launch an application.
`server/ldap`	Connections to an LDAP server. Example use: to find out why an LDAP user can't log in.
`server/loadbalancing`	Webtop and emulator session load balancing. Example use: to find out why a Secure Global Desktop host isn't being selected to host emulator sessions.
`server/logging`	Logging. Example use: to find out why log messages are not being written to a file.
`server/login`	Log in to Secure Global Desktop. Example use: to find out which login authority authenticated a user and the login profile used.
`server/mupp`	The Secure Global Desktop MUPP protocol. Example use: Only use this filter if Secure Global Desktop Support asks you to.
`server/netlet`	Netlet connections. Example use: to find out why Netlet connections are failing.
`server/printing`	Secure Global Desktop printing services. Example use: to find out why print jobs are failing.
`server/replication`	Copying data between Secure Global Desktop servers in an array. Example use: to find out why data hasn't been copied between array members.
`server/securid`	Connections to SecurID ACE/Server®. Example use: to find out why SecurID authentication is not working.
`server/security`	Secure SSL-based connections. Example use: to find out why the SSL Daemon is not running.
`server/server`	The Secure Global Desktop JServer component. Example use: to troubleshoot Secure Global Desktop server failures, such as Java runtime exceptions which are not logged elsewhere.
`server/services`	Internal Secure Global Desktop server services. Example use: to find out why a service is failing.
`server/session`	Webtop sessions. Example use: to find out why a session failed to suspend.
`server/soap`	SOAP bean interface Example use: to diagnose problems with the SOAP beans.
`server/soapcommands`	SOAP requests. Example use: to log the SOAP requests received.
`server/tfn`	Secure Global Desktop Federated Naming (TFN) namespace. Example use: to find out why Object Manager is running in read-only mode.
`server/tier3loadbalancing`	Application server load balancing. Example use: to find out why a host is not being selected to launch an application.
`server/tokencache`	Authentication token cache. Example use: to find out why an authentication token is not being created for a user.
`server/tscal`	Windows Terminal Services Client Access Licenses (CALs) for non-Windows clients. Example use: to find out why a non-Windows client doesn't have a CAL.
`server/webtop`	Webtop content. Example use: to find out why an application isn't appearing on a user's webtop.

Selecting the severity

You can select one of the following levels of severity for each log filter:

Severity	Description
`fatalerror`	Logs information on fatal errors. Fatal errors stop the Secure Global Desktop server from running. When you first install Secure Global Desktop, all fatal errors are logged by default.
`error`	Log information on any errors that occur. When you first install Secure Global Desktop, all errors are logged by default.
`warningerror`	Log information on any warnings that occur, for example if system resources are running low. When you first install Secure Global Desktop, all warnings are logged by default.
`info`	Informational logging. Useful for problem solving and identifying bugs.
`moreinfo`	Verbose informational logging.
`auditinfo`	Logs selected events for auditing purposes, for example changes to Secure Global Desktop server configuration. For details see, Using log filters for auditing

The fatalerror severity produces the least amount of information and the moreinfo severity produces the most.

Selecting a severity level is not cumulative. For example, selecting info does not mean you also see warning, error or fatalerror log messages. To log more than one level of severity, use a wild card (see below).

Using wildcards

You can use a wildcard (*) to match multiple components, sub-components and severities. For example, to log all warning, error and fatal error messages for printing, you could use server/printing/*error.

Note If you use a wildcard on the command line, you must enclose the filter in quotes to stop your shell from expanding them.

Selecting a destination

When selecting a destination for the logs, you can specify that the output goes to:

a log file; or
a log handler.

Using log files

If you are outputting to a file, you can output to two types of file:

filename.log - Secure Global Desktop formats this log output so that it is easy to read.
This format is required by the tarantella query errlog command.
Note This command only searches log files that have names that end error.log.
filename.jsl - Secure Global Desktop formats this log output for automated parsing and searching.
This format is required by the tarantella query audit command.

The file extension of the destination file controls the format of the file.

You can also create a separate log file for each process ID by including the %%PID%% placeholder in the file name.

The log files are output in the log directory specified on the General Properties pane for each array member. The directory is usually /opt/tarantella/var/log. You cannot change the location of the log files, but you can use a symlink to redirect the logs to a different location. Alternatively, you can use the syslog log handler described below.

Using log handlers

A log handler is a JavaBeans component used as the destination for the log messages. When specifying a log handler, you must use its Secure Global Desktop Federated Name (TFN). Secure Global Desktop provides two standard log handlers:

ConsoleSink; and
SyslogSink.

The ConsoleSink writes log messages in a easy to read format to standard error. This log handler is enabled by default and logs all errors. The TFN of this log handler is:
.../_beans/com.sco.tta.server.log.ConsoleSink

The SyslogSink writes log messages to the UNIX/Linux syslog facility. The TFN of this log handler is:
.../_beans/com.sco.tta.server.log.SyslogSink

Example log filters

Here are some examples of commonly used log filters:

to debug user logins:

server/login/*:login%%PID%%.log
server/login/*:login%%PID%%.jsl

to troubleshoot client drive mapping:

cdm/*/*:cdm%%PID%%.log
cdm/*/*:cdm%%PID%%.jsl
server/deviceservice/*:cdm%%PID%%.log
server/deviceservice/*:cdm%%PID%%.jsl

to troubleshoot printing problems:

server/printing/*:print%%PID%%.log
server/printing/*:print%%PID%%.jsl

to get timing measurements for server performance:

metrics/*/*info:metrics.log
metrics/*/*info:metrics.jsl

to send all warnings, errors and fatalerrors to syslog:

*/*/*error:.../_beans/com.sco.tta.server.log.SyslogSink

Viewing log output

To view the log output, you can either:

open the .log files in an editor; or
use tarantella query command.

If you use the tarantella query command, use:

tarantella query errlog to see only the errors and fatalerrors for specific Secure Global Desktop server components; and
tarantella query audit searches the logs for any messages relating to a person, an application or an application server.

Note You can only use these commands to view the log output until the logs are archived. You configure archiving when you install Secure Global Desktop but you can change the settings at any time by running the tarantella setup command.

Related topics
Using log filters for auditing Array properties (array-wide) The tarantella query errlog command The tarantella query audit command