EFT Server can be instructed to log specific or all HTTP request headers. When this following registry value is set to 1, all HTTP request headers will be logged:
[HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient]
"log_request"=dword:1
1 = enable "all request header" logging
0 = disable "all request header" logging [default]
For this registry key to work, a file called logging.cfg in the EFT Server installation folder (e.g., (C:\Documents and Settings\All Users\Application Data\GlobalSCAPE\EFT Server Enterprise\logging.cfg), must be configured to log at the DEBUG level. With this logging file, EFT Server logs requests that require authentication and those that cause session-checking failures. The information is logged to a file named EFT.log in the EFT Server installation folder (e.g., C:\Documents and Settings\All Users\Application Data\GlobalSCAPE\EFT Server Enterprise\). If you want to save EFT.log to a different location, change the reference at the bottom of the logging.cfg file from:
log4cplus.appender.R.File=${AppDataPath}\EFT.log
to the location you prefer.
(Note: On Windows 2008, Application Data files for all users are in a hidden folder named %systemroot%\ProgramData instead of under Documents and Settings\All Users\Application Data.)
For information regarding error codes in the EFT.log, please refer to the MSDN article at http://msdn.microsoft.com/en-us/library/windows/desktop/ms681381%28v=vs.85%29.aspx. For example, error code "5 (0x5)" indicates that access is denied.
All loggers inherit from the root logger; i.e., this is the default level that applies to all loggers:
log4cplus.rootLogger=WARN, R
Each logger's level can be set independently. Children inherit their parents setting unless set explicitly. For example, you can set Events and its children to a different level than the others:
log4cplus.logger.Events=TRACE
The log is case sensitive.
The logger hierarchy in EFT Server includes the following events:
ARM
ARM.Queue
HTTP
HTTP.Handler
HTTP.SessionManager
AS2
Status Viewer
Reporting
Server
Server.Startup
Server.Stop
CFG
CFG.Read
CFG.Write
AUD
AUD.Read
AUD.Write
AuthManager
AuthManager.RADIUS
AuthManager.RADIUS.Packet
AuthManager.RSA
Events
Events.Server
Events.Site
Events.Conn
Events.Client
Events.FS
Events.AS2
PGP
PGP.Adapter
CmdAccess
AWE
SMTP
AdminSupport
FileSystem
Reports
FTP
SSL
SFTP
Service
Common
Administrator
DMZSupport
Backup
PathManager
Registration
ClientManager
IPAccess
Timer
To enable other loggers, type log4cplus.logger.<name_of_event_to_log>=<log_level>. For example:
log4cplus.logger.Server.Startup=TRACE
EFT.log organizes logging levels as a hierarchy: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF. When you specify a logging level, each of the lower levels is also included. That is, if you specify DEBUG level, you also get INFO, WARN, ERROR, and FATAL logs. However, if you specify INFO, you will not log DEBUG or TRACE level activities.
Appenders determine where the output of the logging goes. Each logger can have more than one appender and inherits appenders from parents by default. Appenders have an associated layout that determines the content of the log lines. EFT Server uses a RollingFileAppender with the TTCCLayout. With this layout, the log contains the name of the logger, date/time, thread id, the log line itself, and other things.
The file logging.cfg in the EFT Server installation folder provides details of how EFT Server uses Log4Cplus. For more information about Log4Cplus, refer to http://log4cplus.sourceforge.net/docs/html/classlog4cplus_1_1PropertyConfigurator.html21e8e6b1440cc7a8a47b8fd14c54b239
The following appenders are enabled by default:
log4cplus.appender.R=log4cplus::RollingFileAppender
log4cplus.appender.R.File=${AppDataPath}\EFT.log
log4cplus.appender.R.MaxFileSize=20MB
log4cplus.appender.R.MaxBackupIndex=5
log4cplus.appender.R.layout=log4cplus::TTCCLayout