When trying to enable the log files for Endpoint agents an error message appears as “Error Reading Keystore”
Symptoms: Information in the error indicates as keystore is invalid “Error reading keystore” which is misleading and the impact will be huge if this is not addressed in correct manner.
For example: If you go as per the error message then you will reset the keystore but the impact is all other agents won’t be able to communicate. Before resetting the keystore, please follow the following steps.
- Confirm if the user is a part of local admin’s group, if not then you will get the same error message “Error Reading Keystore”
- Click on start and select the command prompt
- Right click and select run as
- Login with credentials who is a part of either local admin or domain admin group
Follow the instructions on how to enable the log files on endpoint agents
- Please download vontu_sqlite3.exe and place in “Program Files\Manufacture\Endpoint Agent”
- From the command prompt go “Program Files\Manufacture\Endpoint Agent”
- Type the below command without quotes
-
“vontu_sqlite3 -db=cg.ead -p=VontuStop”
- Remember the default password is “VontuStop” unless you have changed then type the right password
- Now, you should be able to see sqlite prompt
- Keyin the following commands to enable the log files at endpoint agent (One at a time)
REPLACE INTO configuration VALUES ('Logging', 'Obfuscate', 'int', '0');
REPLACE INTO configuration VALUES ('Logging', 'DefaultLevel', 'str', 'FINER');
REPLACE INTO configuration VALUES ('Logging', 'HookManagerLevel', 'str', 'FINEST');
REPLACE INTO configuration VALUES ('Logging', 'FileSystemMessageListenerLevel', 'str', 'FINEST');
Additionally you can also run the attached gather.txt file to the client machine to gather all the log files at a time. Rename it to gather.bat and run the batch script which will compress the files into one file called AgentSupportInfo.zip.
Follow the instructions on how to disable the log files on endpoint agents
- Make sure that vontu_sqlite3.exe file stored in “Program Files\Manufacture\Endpoint Agent”
- From the command prompt go “Program Files\Manufacture\Endpoint Agent”
- Type the below command without quotes
-
“vontu_sqlite3 -db=cg.ead -p=VontuStop”
- Remember the default password is “VontuStop” unless you have changed then type the right password
- Now, you should be able the sqlite prompt
- Key in the following commands to disable the log files at endpoint agent
Update configuration SET VALUE = "1" WHERE setting = "Obfuscate";
INSERT INTO configuration VALUES ('Logging', 'DefaultLevel', 'str', 'INFO');
INSERT INTO configuration VALUES ('Logging', 'HookManagerLevel', 'str', 'INFO');
INSERT INTO configuration VALUES ('Logging', 'FileSystemMessageListenerLevel', 'str', 'INFO');