Steps to collect high debug App Control Server logs.

• App Control Server: All Supported Versions

Gather Relevant Background Information:

• • What is the OS version and build of the application server where the App Control Server is installed?
  • What is the total system memory of the application server?
  • What is the total free disk space on the drive App Control Server is installed on?
  • What version of the App Control Server is currently installed?
  • Is the SQL database located on the same server as the App Control Server?
  • What version of SQL Server is hosting the App Control database? Is it patched to the latest Cumulative Update?
  • What error message or events are you receiving regarding this issue?
  • When did the error messages/events/issue start?
  • Were there any new changes on the server(s) or the network recently?

Gather Event Viewer and IIS Logs:

• • Collecting IIS Logs
  • Collecting Event Viewer logs

Gather High Debug App Control Server Logs:

If the web console is available:

1. Log in to the App Control Console
2. Navigate to https://ServerAddress/support.php > Diagnostics
3. Click the Snapshot Server Logs button to write existing logs and start a fresh log file.
4. Set Server Logging as follows:
   • Logging Duration: 30 Minutes
   • All Debug Levels: High
   • Enable SQL Trace
5. Click Start logging & reproduce the issue.
6. Return to https://ServerAddress/support.php > Diagnostics
7. Click "Stop Logging Now"
8. Click on “Available log files" from the right menu > Related Views > Save files:
   • API-TIMESTAMP.log
   • AppControlAD-TIMESTAMP.log
   • ReporterLog-TIMESTAMP.log
   • ServerLog-TIMESTAMP.bt9
   • SQLTrace-date-time.csv
9. Attach the IIS logs, Event Viewer Logs, and the logs from step 8 to the support case.

If the web console is not available:

1. Connect to the SQL server.
2. Open SQL Server Management Studio (SSMS) as either the service account or a SQL full admin.
3. Enable debug:

   use das; EXEC dbo.UpdateShepherdConfig 'DebugLevel', '6'
   use das; EXEC dbo.UpdateShepherdConfig 'ReporterLogLevel', '6'
   

4. Reproduce the issue
5. Return to SSMS and disable debug:

   use das; EXEC dbo.UpdateShepherdConfig 'DebugLevel', '0'
   use das; EXEC dbo.UpdateShepherdConfig 'ReporterLogLevel', '0'

6. Gather the logs from the locations:
   • \Program Files (x86)\Bit9\Parity Server\ServerLog.bt9
   • \Program Files (x86)\Bit9\Parity Server\Reporter\ParityReporter.log
7. Attach the IIS logs, Event Viewer Logs, and the logs from step 6 to the support case.

• App Control Server 8.8.6 and earlier: Restart the App Control Reporter service after collecting logs due to a known issue causing it to stop sending events after debugging finishes.