Debug Logging Concerns

Although debug logging is very useful when troubleshooting issues or gaining a better understanding of the system, PGP Corporation does not recommend running debug logging all the time. Concerns about debug logging include:

 

• Data privacy. Unencrypted mail content may get written to disk or private keys may be shown.
• Performance. Debug logging slows the server down, especially when the global options are used.
• Log size. Information can be more difficult to find, or the logs can fill the entire disk.

debug.xml is a configuration file that controls all PGP-related logging. This file is divided into different sections, one per log, as well as a section, <global> , that overrides all other sections when implemented.

The debug.xml file is located in the /etc/ovid/ directory, which is accessible by typing the URL https://<servername>.com:9000/omc/EditDebugPrefs.event in your browser's address bar. This is a hidden page in the PGP Universal Server administrative interface.

The debug.xml file contains the following sections:

 

• <global>: Controls individual settings across all log files with a single setting. This section is empty by default. Cut and paste a setting from another section of the file to the <global> section so that the pasted setting is applied to all of the log files (to which the setting is relevant).
• <pgpproxyd>: Controls the proxyd log file, which corresponds to the Email log available in the interface on the Reporting>Logs page.
• <pgpsyncd>: Controls the syncd log file, which corresponds to the Clustering log available in the interface on the Reporting>Logs page.
• <pgpupdate>: Controls the update log file, which corresponds to the Update log available in the interface on the Reporting>Logs page.
• <pgpbackup>: Controls the backup log file, which corresponds to the Backup log available in the interface on the Reporting>Logs page.
• <pgptcpwrapper>: Controls the tcpwrapper log file, which logs communication with the directory server. This log file is not available through the product user interface.
• <pgptokend>: Controls the tokend log file, which logs events involving ignition keys. This log file is not available through the product user interface.

To assist in troubleshooting issues, change the <log-level> value in the related section to debug.

To Turn Debug Logging On:

 

1. Type https://<servername>.com:9000/omc/EditDebugPrefs.event in your browser address bar.
2. Edit the <log-level> value to debug in the section you wish to troubleshoot.
   
   

   Note: If you want to enable a setting across all the log files, copy the setting and paste it in the section.

   
    
3. Click Save to update the debug settings.

If you changed settings in either the <proxyd> or <syncd> sections of the file, then restart the pgpuniversal service.

To restart the service:

 

1. Click the System card then select General tab.
2. Scroll down and click the Restart Services button.

To Turn Debug Logging Off:

 

1. Type https://<servername>.com:9000/omc/EditDebugPrefs.event in your browser address bar.
2. Edit the <log-level> value to info for the section.
3. Click Save to update the debug settings.

If you changed settings in either the <proxyd> or <syncd> sections of the file, then restart the pgpuniversal service.

To restart the service:

 

1. Click the System card then select General tab.
2. Scroll down and click the Restart Services button.