Log files are an important component for troubleshooting attacks on the Mirage Gateway server, and for obtaining status information for the Mirage Gateway server.

Log files for the Mirage Gateway server are located in the /opt/MirageGateway/logs/ directory.

To increase security of the Mirage Gateway server, the log file must only grant access to the user who is running the Mirage Gateway process.

The format for a Mirage Gateway log is: 

Date Time [Severity]: Component: Event Type: Description

This is an example of a log: 

2014-04-15 03:26:33: [Error]: Auth Connector: Send: failed to send data to auth server (auth:)
2014-04-16 23:12:38: [Debug]: Gateway: Connect: coming new connection from (ip: 10.117.37.154)
2014-04-16 23:12:38: [Debug]: Gateway: Authenticate: started auth for (ip: 10.117.37.154)
2014-04-16 23:12:38: [Debug]: Auth Connector: Connect: ssl connection from (ip: 10.117.37.154)
2014-04-16 23:12:38: [Debug]: Auth Connector: Receive: reading client info from (10.117.37.154)
2014-04-16 23:12:38: [Debug]: Auth Connector: Authenticate: reading tcp auth from (ip: 10.117.37.154)

Table 1. Log File Properties

Property

Description

Date

The date that the event generated a log entry. The date is in the local time zone of the Mirage Gateway server.

The format of the date is YYYY-MM-DD.

Time

The time that the event generated a log entry. The time is in the local time zone of the Mirage Gateway server.

The format of the time is HH:MM:SS

Severity

The severity of the event. The

  • Verbose

  • Trace

  • Debug

  • Info

  • Warn

  • Error

  • Fatal

Component

The sub-component of the Mirage Gateway server that generated the event. For some events, the Component property might not be logged.

The components are:

  • TCP Config Parser- The parser of TCP related configurations, for example, TCP Timeout.

  • Gateway Config Parser- The parser of Gateway forwarding related configurations, for example, Mirage server addresses and load balancing strategies.

  • Auth Connector- The component that connects to the directory server for authentication.

  • Gateway- The gateway function that accepts the connection from the Mirage client and performs all read and write actions.

  • Upstream- The gateway function that connects with the Mirage server and performs all read and write actions.

Event Type

The action that the Component attempted to perform. For some events, the Event property might not be logged.

Description

A detailed explanation of the event. It may retain the information of other endpoints.

Table 2. Log Event Type

Event Type

Description

Resource Allocate

Resource allocation, such as memory.

Parse

Parse meaningful data, such as the configuration file.

IO

Common IO events, such as port binding or duplicate connections.

Connect

Connect to, or accept a connection.

Close

Close a network connection.

Receive

Receive or read from a connection.

Send

Send or write to a connection.

Save

Save to a file or storage location.

Load

Load from a file or storage location.

Forward

Forward information.

Authenticate

Valid date, such as certificates.

Validate

Validate data, such as certificates.

Control

Set parameters, such as TCP no delay.

Table 3. Remote Entity

Remote Entity Type

Description

ip

The Mirage client.

srv

The Mirage server.

auth

The authentication server, for example, Active Directory.

gw

The Mirage Gateway server.