logutil
You can use the logutil program to manually capture log data. The logutil program logs the data to a specified log file. This can be used to troubleshoot issues on target systems where client or server tools have been installed.
The logutil program could be used for testing purposes on the Bravura Security Fabric server instead of the Logging Service. In this scenario, you would turn off the Logging Service and turn on logutil prior to executing specific actions to capture the log output for those actions.
Do not run logutil and Logging Service at the same time on the same server – they could interfere with each other.
If you terminate logutil by using Ctrl + C , Ctrl + Break or by closing the window, then the logging session is also terminated.
In addition to being available on the Bravura Security Fabric server, logutil can be copied to other servers to test client tools or the Password Change Notification Module. The 64-bit logutil program is located in the util directory, and the 32-bit version is located in <instance> \ util \ x86 \ . The program is installed with Bravura Privilege client software in:
<Program Files path\>Bravura Security\hipamlws\util\
The Logging Service is not required on client workstations.
Requirements
You must run the logutil command as an administrator with sufficient privileges.
Usage
logutil.exe [options] -instance <instance> | -cleanup [-instance <instance> ]
Argument | Description |
|---|---|
-bufmax <count> | Maximum number of buffers. The default value is the Windows Events MinimumBuffers + 20. |
-bufmin <count> | Minimum number of buffers. The default value is the number of CPUs + 2. |
-bufsize <size> | Size of the session buffers in multiples of 4 kb. The default is 64 kb. |
-instance <instance> | Instance to watch events for. For Bravura Privilege local service mode instances, the value is "Privileged Access Manager Client". |
-cleanup | Terminate any logging sessions which are not connected to any active client. If the instance name is specified, only the logging session for this particular instance is cleaned up. |
-level <level> | Debug level 1-5. Default is 5. |
-list | List all enabled Event Tracing for Windows sessions. |
-logfile <filename> | File to write events to. You must specify an absolute path. |
-makekey | Generate an instance name and its log GUID in the registry. Note: This option needs to be run once only. |
-maxdelay <maxdelay> | The maximum seconds to allow the sorting buffer to keep items before flushing out into the log file. The default value is 300. |
-maxsorted <count> | The maximum number of events that can be sorted in memory. The default value is 100,000. |
-outdbg | Write events with an output debug string. |
When logutil runs, a new registry entry is created to record the session. The entry is stored under:
HKLM\SOFTWARE\Bravura Security\Bravura Security Fabric\<instance>\LogSession
The name of the entry is the instance name. When you press [enter] to stop a session, the key will be gone with the session; however, if you kill the session by typing Ctrl + C , the registry entry will remain. Use the -cleanup option to remove remaining registry entries.
Note that various tools also have hardcoded instance names:
browser-extension-win: "Browser Extension"firefox-browser-extension: "Firefox Browser Extension"hidshext: "Shell Extension"hipamlws-win: "Hipamlws"hippm-sm: "Session Monitor"intcpt: "Password Filter"ntfclient: "Notification Client"pslocalr: "Local Reset Extension"psns: "Notes Extension"scard-activex-controls: "SmartCard PIN Management ActiveX Controls"ska/runurl: " Login Assistant"pamutil: "pamutil"
Examples
To start logging data for client software with a debug level of 4, type:
logutil.exe -makekey -instance Bravura_client -level 4 -logfile c:\idarchive.log
To start logging data on a local service mode managed system with a debug level of 4, to a log file named local_service.log, type:
logutil.exe -instance "hipamlws" -level 4 -logfile local_service.log
To start logging data on
pamutilandrunwithpasswith a debug level of 4, to a log file named pamutil.log, type:logutil.exe -instance "pamutil" -level 4 -logfile pamutil.log