Using and configuring logs
Logs overview
Logs keep information records of selected events occurred in or detected by Kerio Control. Each log is displayed in a window in the Logs section.
Optionally, records of each log may be recorded in files on the local disk and/or on the Syslog server.
Locally, the logs are saved in the files under the
logs subdirectory where Kerio Control is installed. The
file names have this pattern:
log_name.log (e.g. debug.log). Each log includes
an .idx file, i.e. an indexing file allowing faster
access to the log when displayed in the administration interface.
Individual logs can be rotated — after a certain time period or when a threshold of the file size is reached, log files are stored and new events are logged to a new (empty) file.
Kerio Control allows to save a selected log (or its part) in a file as plaintext or in HTML. The log saved can be analyzed by various tools, published on web servers, etc.
Logs Context Menu
When you right-click inside any log window, a common context menu will be displayed:
Copy
This action makes a copy of the selected text from the log and keeps it in the clipboard. Text selection and copying through the context menu is supported only in Internet Explorer where it is necessary to allow access to the clipboard.
For this operation it is recommended to use shortcut Ctrl+C (or Apple+C on Mac). This method is compatible throughout operating systems.
Save Log
This option saves the log or selected text in a file as plaintext or in HTML.
NOTE
This function provides more comfortable operations with log files than a direct access to log files on the disk of the computer where Kerio Control is installed. Logs can be saved even if Kerio Control is administered remotely.
The Save log option opens a dialog box with the following parameters:
- Format — logs can be saved as plaintext or in HTML. If the HTML format is used, colors will be saved for the lines background (see section Highlighting) and all URLs will be saved as hypertext links.
- Source — either the entire log or only a part of the text selected can be saved. In case of remote administration, saving of an entire log may take some time.
Highlighting
Highlighting may be set for logs meeting certain criteria (for details, see below).
Log Settings
A dialog where log rotation and Syslog parameters can be set.
Clear Log
Removes entire log. All information of will be removed from the log forever (not only the information saved in the selected window).
WARNING
Removed logs cannot be refreshed anymore.
NOTE
Only users with read and write rights are allowed to change log settings or remove logs.
Log highlighting
For better reference, it is possible to set highlighting for logs meeting certain criteria. Highlighting is defined by special rules shared by all logs. Seven colors are available (plus the background color of unhighlighted lines), however, number of rules is not limited.
- Use the Highlighting option in the context pop-up menu to set highlighting parameters. Highlighting rules are ordered in a list. The list is processed from the top. The first rule meeting the criteria stops other processing and the found rule is highlighted by the particular color. Thanks to these features, it is possible to create even more complex combinations of rules, exceptions, etc. In addition to this, each rule can be disabled or enabled for as long as necessary.
- Click on Add and define a rule or double-click the existing rule and redefine it.
- Each highlighting rule consists of a condition and a color which will be used to highlight lines meeting the condition. Condition can be specified by a substring (all lines containing the string will be highlighted) or by a regular expression (all lines containing one or multiple strings matching the regular expression will be highlighted).
NOTE
Kerio Control accepts all regular expressions in accordance with the POSIX standard.
- Click OK.
Logs Settings
In option Log settings in the log context menu, you can select options for saving the log and sending messages to the Syslog server. These parameters are saved separately for each log.
File Logging
Use the File Logging tab to define file name and rotation parameters.
- Select Enable logging to file. This option enables/disables saving to a file. If the log is not saved in a file on the disk, only records generated since the last login to Kerio Control will be shown. After logout (or closing of the window with the administration interface), the records will be lost.
- Select a type of rotation:
Rotate regularly
Set intervals in which the log will be rotated regularly. The file will be stored and a new log file will be started in selected intervals.
Weekly rotation takes effect on Sunday nights. Monthly rotation is performed at the end of the month (in the night when one month ends and another starts).
Rotate when file exceeds size
Set a maximal size for each file. Whenever the threshold is reached, the file will be rotated. Maximal size is specified in megabytes (MB).
- Type a number of rotated log files to keep. Maximal count of log files that will be stored. Whenever the threshold is reached, the oldest file will be deleted.
- Click OK.
NOTE
- If both Rotate regularly and the Rotate when file exceeds size are enabled, the particular file will be rotated whenever one of these conditions is met.
- Setting of statistics and quotas accounting period does not affect log rotation. Rotation follows the rules described above.
Syslog Logging
The External Logging tab allows sending of
individual log records to the Syslog server. Simply enter the DNSDomain Name System - A database enables the translation of hostnames to IP addresses and provides other domain related information. name or the
IP addressAn identifier assigned to devices connected to a TCP/IP network. of the Syslog server. If you are using default port, type the server
name only. If you are using non default port, customize it as
server:port in the Syslog server field.
The Syslog server distinguishes logs by Facility and Severity.
- Facility — The default value is 16: Local use 0, but you can change it as you need.
- Severity — The value is fixed for each log. Severity values are provided in table below.
In the Application field, you can type a description displayed in the Syslog server.
| Log | Severity |
|---|---|
| Alert | 1: Alert |
| Config | 6: Informational |
| Connection | 6: Informational |
| Debug | 7: Debug |
| Dial | 5: Notice |
| Error | 3: Error |
| Filter | 6: Informational |
| Host | 6: Informational |
| Http | 6: Informational |
| Security | 5: Notice |
| Warning | 4: Warning |
| Web | 6: Informational |
Detailed articles
| Log | Article |
|---|---|
| Alert | Using Alert Messages |
| Config | Using the Config log |
| Connection | Using the Connection log |
| Debug | Using the Debug log |
| Dial | Using the Dial log |
| Error | Using the Error log |
| Filter | Using the Filter log |
| Host | Using the Host log |
| Http | Using the Http log |
| Security | Using the Security log |
| Warning | Using the Warning log |
| Web | Using the Web log |