Download the UAG-log-archive.zip file from the Support Settings section in the Admin UI. This ZIP file contains all logs from your Unified Access Gateway appliance.
Set the Logging Level
You can configure log levels for the entire Unified Access Gateway appliance or only for specific Unified Access Gateway components such as the Horizon edge service (and sub-components), admin UI, and Web Reverse Proxy. The log levels that can be generated are ERROR, WARN, INFO, DEBUG, and TRACE.
Level | Type of Information Collected |
---|---|
INFO | The INFO level designates information messages that highlight the progress of the service. |
ERROR | The ERROR level designates error events that might still allow the service to continue running. |
WARNING | The WARNING level designates potentially harmful situations but are usually recoverable or can be ignored. |
DEBUG | Designates events that might generally be useful to debug problems, to view or manipulate the internal state of the appliance, and to test the deployment scenario in your environment. |
TRACE | Indicates information such as collection of Unified Access Gateway statistics, details of requests sent from Unified Access Gateway to backend servers and so on. |
Collect Logs
Download the log ZIP files from the Support Settings section of the admin UI.
These log files are collected from the /opt/vmware/gateway/logs directory on the appliance.
The following tables contain descriptions of the various files included in the ZIP file.
Filename | Description | Linux Command (if applicable) |
---|---|---|
version.info | Contains the versions of the OS, Kernel, GCC, and the Unified Access Gateway appliance. | |
ipv4-forwardrules | IPv4 forwarding rules configured on the appliance. | |
df.log | Contains information about disk space usage on the appliance. | df -a -h --total |
netstat.log | Contains information on open ports and existing TCP connections. | netstat -anop |
netstat-s.log | Network stats (bytes sent/received etc) from the time of creation of the appliance. | netstat -s |
netstat-r.log | Static routes created on the appliance. | netstat -r |
uag_config.json, uag_config.ini, uagstats.json | Entire configuration of the Unified Access Gateway appliance, showing all the settings as a json and an INI file. | |
ps.log | Includes processes running at the time of downloading logs. | ps -elf --width 300 |
ifconfig.log | Network interface configuration for the appliance. | ifconfig -a |
free.log | RAM availability at the time of downloading logs. | free |
top.log | Sorted list of processes by memory usage at the time of downloading logs. | top -b -o %MEM -n 1 |
iptables.log | IP tables for IPv4. | iptables-save |
ip6tables.log | IP tables for IPv6. | ip6tables-save |
w.log | Information about uptime, the users currently on the machine, and their processes. | w |
systemctl.log | List of services currently running on the appliance | systemctl |
resolv.conf | For connecting local clients directly to all the known DNS servers | |
hastats.csv | Contains stats per node and total stats information for each back-end type (Edge Service Manager, VMware Tunnel, Content Gateway) | |
system_logs_archive | Directory contains the following log files: cpu.info, mem.info, sysctl.log, and journalctl_archive. | |
cpu.info | Contains CPU information of the virtual machine collected from /proc/cpuinfo. | |
mem.info | Contains information about the virtual machine memory such as total memory available, free memory available, and so on collected from /proc/meminfo. | |
sysctl.log | Contains information about all the kernel parameters of the virtual machine. | sysctl -a |
journalctl_archive | Files contain journalctl log information that spans over 7 days until the time at which the archive is downloaded. For example, if an admin downloads the Logs Archive from the Unified Access Gateway Admin UI at 9 A.M. today then the archive contains information for the past 7 days including until 9 A.M. If the size of the logs collected is less than or equal to |
journalctl -x --since '1 week ago' |
journald.conf | Contains configuration information for the journalctl logs. | |
system-logs-collection-status.log | Contains information that indicates whether the following log files are successfully collected: cpu.info, mem.info, sysctl.log, and journalctl_archive. | |
hosts | Contains the /etc/hosts entries. | |
firstboot | Contains information that is generated when the Unified Access Gateway is booted for the first time. | |
subsequentboot | Contains information that is generated during subsequent reboots of Unified Access Gateway. | |
trustedCertificatesStore.log | Contains information about the certificate processing status when a trusted certificate is uploaded on Unified Access Gateway. | |
vami-ovf.log | Contains configuration-related information such as OVF properties, network, and so on of the Unified Access Gateway appliance during deployment. |
Filename | Description | Linux Command (if applicable) |
---|---|---|
supervisord.log | Supervisor (manager for the Edge Service manager, admin, and a AuthBroker) log. | |
esmanager-x.log, esmanager-std-out.log | One or more Edge service manager logs, showing back-end processes performed on the appliance. | |
audit.log | Audit log for all admin user operations. | |
authbroker.log | Contains log messages from the AuthBroker process, which handles Radius and RSA SecurID authentication. | |
admin.log, admin-std-out.log | Admin GUI logs. Contains log messages from the process that provides the Unified Access Gateway REST API on port 9443. | |
bsg.log | Contains log messages from the Blast Secure Gateway. | |
SecurityGateway_xxx.log | Contains log messages from the PCoIP Secure Gateway. | |
utserver.log | Contains log messages from the UDP Tunnel Server. | |
activeSessions.csv | List of active Horizon or WRP sessions. | |
haproxy.conf | Contains HA proxy configuration parameters for TLS port sharing. | |
vami.log | Contains log messages from running vami commands to set network interfaces during deployment. | |
content-gateway.log, content-gateway-wrapper.log, 0.content-gateway-YYYY-mm.dd.log.zip | Contains log messages from Content Gateway. | |
admin-zookeeper.log | Contains log messages related to the data layer that is used to store the Unified Access Gateway configuration. | |
package-updates.log | Contains log messages about the status of package updates (OS and Unified Access Gateway) applied to a Unified Access Gateway version, which has already been released and deployed in your environment. | |
tunnel.log | Contains log messages from the tunnel process that is used as part of the XML API processing. You must have Tunnel enabled in the Horizon settings to see this log. | |
tunnel_snap.log | Contains information that indicates whether the VMware Tunnel server and proxy logs are collected successfully. | |
tunnel-snap.tar.gz | Tarball containing VMware Tunnel server and proxy logs. | |
appliance-agent.log | Appliance agent (for starting up Workspace ONE UEM services) logs. | |
config.yml | Contains Content Gateway configuration and log level details. | |
smb.conf | Contains SMB client configuration. | |
smb-connector.conf | Contain SMB protocol and log level details. |
The log files that end in "-std-out.log" contain the information written to stdout of various processes and are usually empty files.
Log filename | Location | Property |
---|---|---|
admin-zookeeper.log | /opt/vmware/gateway/conf/log4j-admin.properties | log4j.appender.zookeeper.MaxFileSize=10MB log4j.appender.zookeeper.MaxBackupIndex=5 |
admin.log | /opt/vmware/gateway/conf/log4j-admin.properties | log4j.appender.default.MaxFileSize=10MB log4j.appender.default.MaxBackupIndex=5 |
audit.log | /opt/vmware/gateway/conf/log4j-admin.properties | log4j.appender.adminAudit.MaxFileSize=10MB log4j.appender.adminAudit.MaxBackupIndex=5 |
authbroker.log | /opt/vmware/gateway/conf/log4j-authbroker.properties | appender.rollingFile.policies.size.size=10MB appender.rollingFile.strategy.max=5 |
bsg.log | /opt/vmware/gateway/lib/bsg/absg.properties | logFilesize=8*1024*1024 logBackupCount=5 |
esmanager.log | /opt/vmware/gateway/conf/log4j-esmanager.properties | log4j.appender.default.MaxFileSize=25MB log4j.appender.default.MaxBackupIndex=10 |
tunnel.log | /opt/vmware/gateway/conf/log4j-tunnel.properties | log4j.appender.default.MaxFileSize=25MB log4j.appender.default.MaxBackupIndex=5 |
Files present at /var/log/journal | /etc/systemd/journald.conf | SystemMaxUse=1G |
keepalived.log | /etc/logrotate.d/keepalived | rotate 5 size 5M |
haproxy.log | /etc/logrotate.d/haproxy | rotate 5 size 25M |
auth.log | /etc/logrotate.d/auth | rotate 10 size 10M |
audit.log | /etc/logrotate.d/audit
Note:
/var/log/audit/audit.log contains events of the linux auditing service (auditd)
|
rotate 10 size 10M |
/var/log/messages /var/log/cron |
/etc/logrotate.d/messages_and_cron | rotate 20 size 50M maxage 30 |