Phone Lines icon GFI Support Home

Articles in this section

See more

How to gather troubleshooter logging from GFI EndPointSecurity Server

Author: Luis Fernandes Updated

Overview

The article details the process to gather troubleshooter logs from GFI EndPointSecurity Server.

Information

Process

Use these instructions when requested by a GFI Technical Support Representative. If you do not have an open case, first submit a request at www.gfi.com/supportform.
Perform the following steps to help us gather the required information and isolate the issue:

  1. Stop the GFI EndPointSecurity service

  2. Enable debug:

  1. Go to the installation folder of GFI EndPointSecurity and open the crmiini.xml file with Notepad.

  2. Change the Debug value from 0 to 1, and save the file.
  1. Delete all files from the <GFI\EndPointSecurity 6>\DebugLogs directory.
  2. Restart the GFI EndPointSecurity service.
  3. Recreate the issue being encountered. You can use the problem step recorder for it.
Example Scenario: Agent deployment issues:
  • Make deployment of two agents and wait until you see the Up-to-date status change to Update Pending.
  • Go to the Status > Agents and right-click on the agents and choose Debug > Collect debug logs... from each of them.
  1. Go to Start > Programs > GFI EndPointSecurity 2013 and run the GFI EndPointSecurity Troubleshooter.
  2. Go to the installation directory of GFI EndPointSecurity and locate the zip file named <Year_Month_Day_####_###_ESECSupport>.zip and place it in a folder named with the format Year_Month_Day_<GFI-xxxxx>. (For example 2018_08_20_GFI-123456). Replace the 123456 with the Case Number that you have opened with GFI Support.
  3. Save your Application and System event logs as "Windows event log format (EVT)" to the folder created in step 7, then zip the folder.
  4. Upload the file to our FTP server:
  1. Login to the FTP server (Note:If you see a page with many files and folders, right-click on the page and choose Logon As..., and put in the credentials below)
    • FTP Server details:
      • Host: ftp://ftp.gfisoftware.com
      • User: gfi
      • Pass: gfi911cust
      • Note: If using Windows Explorer use ftp://gfi:gfi911cust@ftp.gfisoftware.com
  2. Paste the zip file created in step 8.
  1. Reply to the case email with the exact filename uploaded. Provide any necessary details that may assist in reviewing the logging.