ESET Online Help

Log files

Modify the configuration of ESET Endpoint Antivirus for Linux logging.

Minimum logging verbosity

Logging verbosity defines the level of detail that the log files record about ESET Endpoint Antivirus for Linux.

Critical warnings - Includes only critical errors (for example, failed to start antivirus protection).

Errors - Errors such as "Error downloading file" will be recorded in addition to critical warnings.

Warnings - Critical errors and warning messages will be recorded in addition to errors.

Informative records - Record informative messages, including successful update messages, plus all records above.

Diagnostic records - Include information needed to fine-tune the program and all records above.

Automatically delete records older than (days)

To hide log entries older than the specified number of days from the log list (lslog):

1. In ESET PROTECT, click Policies > New policy and type a name for the policy.

2. Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3. Click Tools > Log files.

4. Enable Automatically delete records older than (days).

5. Adjust the number of days to specify the age of files to be hidden.

6. Click Continue > Assign and select the group of computers to which the policy will apply.

7. Click OK, then click Finish.

Hidden logs cannot be displayed again. Log entries of On-demand scan are deleted right away. To prevent hidden logs from piling up, turn on the automatic optimization of log files.

Optimize log files automatically

When enabled, log files are defragmented automatically if the fragmentation percentage is higher than the value specified in the If the number of unused records exceeds (%) field. Unused records are hidden logs. Click Optimize to begin defragmenting the log files. All empty log entries are removed to improve performance and log processing speed. This improvement is most noticeable when the logs contain a large number of entries.

Syslog Facility

Syslog facility is a syslog logging parameter used to group similar log messages. For example, logs from daemons (which collect logs via the syslog facility daemon) can go to /var/log/daemon.log if configured. With the recent switch to systemd and its journal, the syslog facility is less important but can still be used for filtering logs.
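How the facility travels with each message and how a collector can filter on it, as an added example that is not ESET code: the syslog `<PRI>` header encodes facility * 8 + severity, and the script decodes it and keeps one facility at or above a chosen severity. The sample lines and the program name `exampled` are constructed and do not represent ESET output.

```python
import re

# Facility codes 0-23 from RFC 5424; labels for 12-15 are informal (assumption).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "log-audit", "log-alert",
              "clock2"] + [f"local{i}" for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

# Constructed sample lines; "exampled" is a placeholder program name.
SAMPLE = [
    "<27>Jan 12 10:00:01 host1 exampled[812]: failed to start protection",
    "<30>Jan 12 10:00:05 host1 exampled[812]: update finished",
    "<86>Jan 12 10:01:00 host1 sshd[990]: session opened",
    "<132>Jan 12 10:02:00 host1 exampled[812]: scan warning",
    "line without a priority header",
]

def decode_pri(line):
    """Return (facility, severity, rest) for a line starting with <PRI>."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:  # 23 * 8 + 7 is the largest valid PRI
        raise ValueError(f"no valid PRI header: {line!r}")
    facility, severity = divmod(int(m.group(1)), 8)  # PRI = facility * 8 + severity
    return FACILITIES[facility], SEVERITIES[severity], m.group(2)

def select(lines, facility, max_severity="debug"):
    """Keep messages from one facility at or above a severity; count bad lines."""
    limit = SEVERITIES.index(max_severity)  # lower number = more severe
    kept, malformed = [], 0
    for line in lines:
        try:
            fac, sev, rest = decode_pri(line)
        except ValueError:
            malformed += 1  # surface unparsable input instead of dropping it silently
            continue
        if fac == facility and SEVERITIES.index(sev) <= limit:
            kept.append((sev, rest))
    return kept, malformed

if __name__ == "__main__":
    for sev, rest in select(SAMPLE, "daemon", "warning")[0]:
        print(sev, rest)
```

Changing the configured facility changes only the facility half of the PRI value, so any collector rule or filter keyed on the old facility has to be updated together with the policy.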