Where can i find the Information Centric Tagging  (ICT) server and Windows ICT Endpoint logs?

CT Server:

• ICT components (userprofile is the service user account): %userprofile%\App Data\Local\Temp
  • RightsWATCH w3wp_<date>.log – Administration, monitoring and all webservices components
     
  • You can probably find some logs under C:\Windows\Temp, but in this case you should check if the application pool is correctly configured – running under the service account
     
• Mobile devices specific logs:
  • Send / reply / forward email and get headers while reading. This ones are stored in the RightsWATCH server (userprofile is the mobile user account): %userprofile%\AppData\Roaming\Watchful Software\RightsWATCH\debug-logs
    • Impersonation client: RightsWATCH Mobile Client_rwImpersonationClient_<date>.log
       
  • Get the body of the email while reading. This ones are stored in the AD RMS server (userprofile is the mobile user account): logs using debug-view only (needs the DebugMode set to 1 in the web.config)
    • Can also find some under %userprofile%\App Data\Local\Temp\ RightsWATCH w3wp_<date>.log related to the Mobile Service webservice
   
  • If you are using Azure RMS:
    • This logs are also stored in ICT server at C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Watchful Software\RightsWATCH\debug-logs.

OWA:

• • On a CAS / Mailbox server, check Windows\Temp\rightswatch.log file

Windows Endpoint:

This logs are stored in user computer at %userprofile%\appdata\roaming\Symantec Corporation\Information Centric Tagging\debug-logs

Alternatively, you can run the rw-client-info.exe from C:\Program Files\Symantec Corporation\Information Centric Tagging, you will get a zip file with all the information from the client application.