Logging

To set parameters for database maintanance, select Tools/Server options from the main ERA Console menu.
Database maintanance provides options for keeping the logs transparent and enables compression of the main ERA database on a regular basis to preserve space.

1.Audit log

Audit log monitors and logs all changes to the configuration and performed actions by all ERAC users.

If Log to text file is selected, new log files will be created (Rotate when greater than X MB) and deleted on a daily basis (Delete rotated logs older than X days). You can also change the log verbosity in the drop-down menu to the left.

Click View Log to display the current Audit Log.

Log to OS application log allows information to be copied to the system event viewer log (Windows Control Panel > Administrative Tools > Event viewer). You can also change the log verbosity in the drop-down menu to the left.

Log to Syslog sends a syslog message to the specified syslog server on a specified port (default server is localhost, default port is 514) .For advanced syslog settings go to Tools > Server Options > Advanced >Edit Advanced Settings… > Setup > Logging . You can edit the syslog options here - syslog server name, syslog server port, syslog facility and the syslog verbosity.

NOTE: Syslog severity must be configured for each log type. For the server log, it is the setting Syslog facility for server log, for the debug log it is the setting Syslog facility for debug log. For these logs, the syslog severity is as follows:

ERA Verbosity

Syslog Severity

Level 1 (Informational)

LOG_INFO //6

Level 2 (Error)

LOG_INFO //3

Level 3 (Warning)

LOG_INFO //4

Level 4,5 (Debug)

LOG_INFO //7

The Verbosity of a log means the level of detail in a log and the information included.

Level 1 - Users and groups – Log user and group related activity (static groups, parametric groups, add/remove client from a group, etc.).

Level 2 - Above + Client actions – Above + all ERA client-related activity (set/clear new flag, set client policy, request data, etc.).

Level 3 - Above + Tasks and notifications – Above + all Tasks-related activity (create/delete Task, create/delete Notification, etc.).

Level 4 - Above + Reports – Above + all report-related activity (create/delete Report, select/delete Report Template).

Level 5 - All events – All Log-related activity (clear HIPS Log, clear Threat Log, etc.).

2.Server log

While running, the ERA Server creates a server log (Log filename) about its activity which is configurable (Log verbosity).

NOTE: The text file output is by default saved to the file %ALLUSERSPROFILE%\Application Data\Eset\ESET Remote Administrator\Server\logs\era.log

If Log to text file is selected, new log files will be created (Rotate when greater than X MB) and deleted on a daily basis (Delete rotated logs older than X days).

NOTE: In the Log to text file section we recommend leaving Log verbosity at Level 2 – Above + Session Errors and increasing it only if you experience a problem, or if advised to do so by ESET Customer Care.

Log to OS application log allows information to be copied to the system event viewer log (Windows Control Panel > Administrative Tools > Event viewer).

Log to Syslog sends a syslog message to the specified syslog server on a specified port (default server is localhost, default port is 514) .For advanced syslog settings go to Tools > Server Options > Advanced >Edit Advanced Settings… > Setup > Logging . Here you can edit the syslog options - syslog server name, syslog server port, syslog facility and the syslog verbosity.

The Verbosity of a log means the level of detail in a log and the information included.

Level 1 - Critical Information – Faulty behavior (in this case, please contact ESET Customer Care).

Level 2 - Above + Important Session Information – Information about server communication (who logged on to the ERA Server, when and why).

Level 3 - Above + Various Information – Information about internal processes on the ERA Server.

Level 4 - Above + Installer – Information about the einstaller.exe agent (information about the ERA Server - agent connection/disconnection and the results).

Level 5 - Above + Clients – Client information (information about the ERA Server, client connection/disconnection and the results).

NOTE: We recommend leaving the Log verbosity set to Level 2 – Above + Session Errors. Change the log level only if you are experiencing problems, or if you are advised to do so by ESET Customer Care.

3.The database Debug Log option should be disabled under normal circumstances - it is used for troubleshooting database problems. Click Tools > Server Options > Advanced > Edit Advanced Settings… > Setup > Logging > Rotated debug log compression to configure the compression level for individual rotated logs.