Data Loss Prevention

 View Only
Back to Library

When trying to enable the log files for Endpoint agents an error message appears as “Error Reading Keystore” 

Feb 21, 2012 05:46 AM

When trying to enable the log files for Endpoint agents an error message appears as “Error Reading Keystore”

Symptoms:  Information in the error indicates as keystore is invalid “Error reading keystore” which is misleading and the impact will be huge if this is not addressed in correct manner.

For example: If you go as per the error message then you will reset the keystore but the impact is all other agents won’t be able to communicate.  Before resetting the keystore, please follow the following steps.

  1. Confirm if the user is a part of local admin’s group, if not then  you will get the same error message “Error Reading Keystore”
  2. Click on start and select the command prompt
  3. Right click and select run as
  4. Login with credentials who is a part of either local admin or domain admin group

 

Follow the instructions on how to enable the log files on endpoint agents

  1. Please download vontu_sqlite3.exe  and place in “Program Files\Manufacture\Endpoint Agent”
  2. From the command prompt go “Program Files\Manufacture\Endpoint Agent”
  3. Type the below command without quotes
  4.  “vontu_sqlite3 -db=cg.ead -p=VontuStop”
  5. Remember the default password is “VontuStop” unless you have changed then type the right password
  6. Now, you should be able to see sqlite prompt
  7. Keyin the following commands to enable the log files at endpoint agent (One at a time)
 REPLACE INTO configuration VALUES ('Logging', 'Obfuscate', 'int', '0');
REPLACE INTO configuration VALUES ('Logging', 'DefaultLevel', 'str', 'FINER');
REPLACE INTO configuration VALUES ('Logging', 'HookManagerLevel', 'str', 'FINEST');
REPLACE INTO configuration VALUES ('Logging', 'FileSystemMessageListenerLevel', 'str', 'FINEST');

Additionally you can also run the attached gather.txt file to the client machine to gather all the log files at a time. Rename it to gather.bat and run the batch script which will compress the files into one file called AgentSupportInfo.zip.

Follow the instructions on how to disable the log files on endpoint agents

  1. Make sure that vontu_sqlite3.exe  file stored in “Program Files\Manufacture\Endpoint Agent”
  2. From the command prompt go “Program Files\Manufacture\Endpoint Agent”
  3. Type the below command without quotes
  4.  “vontu_sqlite3 -db=cg.ead -p=VontuStop”
  5. Remember the default password is “VontuStop” unless you have changed then type the right password
  6. Now, you should be able the sqlite prompt
  7. Key in the following commands to disable the log files at endpoint agent
 Update configuration SET VALUE = "1" WHERE setting = "Obfuscate";
INSERT INTO configuration VALUES ('Logging', 'DefaultLevel', 'str', 'INFO');
INSERT INTO configuration VALUES ('Logging', 'HookManagerLevel', 'str', 'INFO');
INSERT INTO configuration VALUES ('Logging', 'FileSystemMessageListenerLevel', 'str', 'INFO');

Statistics
0 Favorited
8 Views
4 Files
0 Shares
0 Downloads
Attachment(s)
Download All
JPG file
1.JPG   40 KB   1 version
Uploaded - Feb 25, 2020
 
Download
JPG file
2.JPG   29 KB   1 version
Uploaded - Feb 25, 2020
 
Download
JPG file
3.JPG   36 KB   1 version
Uploaded - Feb 25, 2020
 
Download
txt file
gather.txt   712 B   1 version
Uploaded - Feb 25, 2020
 
Download

Tags and Keywords

Comments

Migration User
Mar 16, 2012 08:11 AM

Good one

Migration User
Mar 14, 2012 08:35 AM

Nice one and very helpful

DLP kishorilal
Feb 29, 2012 05:46 AM

Nice article, please provide more on this

 

Regards

Kishorilal

Migration User
Feb 23, 2012 08:26 PM

Thank you :)

Migration User
Feb 22, 2012 08:41 PM

I can see the efforts gone into the issue and the article.

Related Entries and Links

No Related Resource entered.