How to enable LiveUpdate Cross platform (LUX) details logging on Protection Engine

book

Article ID: 181756

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Scan Engine Protection for SharePoint Servers Protection Engine for NAS

Issue/Introduction

 

Resolution

How to enable debug logging for LiveUpdate Cross platform (Lux) for Symantec Protection Engine (SPE):

Basic Liveupdate logging is enabled by default and not configurable. Detailed logging is configurable and the configuration files can be found under Symantec_Protection_Engine_Tools_<version>_IN.zip. This can be downloaded from your MySymantec account.

To enable detailed LiveUpdate logging on SPE: 

- For Windows Platform
 
On Windows platforms, you need to use a Windows software trace preprocessor (WPP) tracing mechanism to view the LiveUpdate log. For example, use TraceView that is a part of Windows Driver Kit (WDK). It is necessary to run kitsetup.exe for traceview to be available on the local system.
 
Traceview is part of Windows Driver Kit (WDK). It can be obtained from http://www.microsoft.com/en-au/download/details.aspx?id=11800.

1. Unzip all the tmf and ctl files out from Symantec_Protection_Engine_Tools_<version>_IN.zip\SPE_Tools\Tools\LiveUpdate_Log_Config\Win64 to a known location.

2. Run TraceView.exe.

Configure "traceview" to capture the Liveupdate activity.

a. Click "File" ->> "Create New Log Session"

b. Click "Add Provider"

c. Select "CTL (Control GUID) File

d. Browse to the location of lux_logging_tools and choose "LuxTrace.ctl then click "Open"

e. Choose "Select TMF Files" then click "OK"

f. Click "Add" and choose "Lux.tmf" then click "Open"

g. Click "Done"

h. Repeat "a" to"g" for "DuluxTrace.ctl" and "duluxcallback.tmf" to complete the "Create New Log Session"

i. Click "Next" to configure the "Log SeesionOptions", choose "Real Time Display" and "Log Trace Event Data to File"

j. Click "Finish" then start "Liveupdate" from SPE GUI

 

- For Linux / Solaris Platform:

  1. Copy the lux.logging.conf file from the Symantec_Protection_Engine_Tools_<version>_IN.zip\Tools\LiveUpdate_Log_Config\ folder into the /etc/symantec directory.
  2. Edit the following values in the lux.logging.conf file:
  • logger.enabled=true
  • logger.level=info
  • logger.sink=file
  • logger.sink.file.filePath= user defined file path

Note: Ensure that the user defined file path exists. The path needs to end with the log file name.  For example "Logger.sink.file.filepath= /tmp/lux/lux_detail.log".

Location of the Liveupdate log:

On Linux / Solaris platforms:

/opt/SYMCScan/bin/definitions/AntiVirus/Logs/lux.log

On 64-bit Windows platforms:

C:\Program Files\Symantec\Scan Engine\Definitions\AntiVirus\Logs\lux.log

On 32-bit Windows platforms:

C:\Program Files (x86)\Symantec\Scan Engine\Definitions\AntiVirus\Logs\lux.log

 

Attachments

lux_logging_tools.zip get_app