SFTP Logging

(Requires Server administrator permission) In the logging.cfg file, you can configure logging for SFTP transfers. In the ARM schema, the table tbl_NegotiatedCiphersSSH is associated with tbl_Authentications and tbl_Actions, which tracks the negotiated cipher set for successful SFTP client/server authentications.

  • Setting the following advanced properties to true will improve the log performance: EnableXferLog (enable transfer logs) and CloseFinishedItemLog (false = enabled/default. By default, successful logs are removed.)

  • The server administrator can see negotiated ciphers in the EFT client log files, for troubleshooting purposes.

To configure logging for SFTP transfers

  1. Open logging.cfg in a text editor, such as Notepad.

  2. Find this line:

    #log4cplus.logger.SFTP=TRACE
  3. Delete the # from the front of the line to enable the logger.

  4. Leave as TRACE or change to DEBUG for troubleshooting.

If you change it to DEBUG, be sure to change it back to TRACE and/or add the # to the front to comment out (disable) that log to avoid creating unnecessarily large log files.  

Note that there are differences in how the logs are displayed depending on whether you are using SFTP.DLL or SFTP2.DLL.

When using the SFTP2.dll, the logs at the KEX section are in ASCII format:

When using the legacy SFTP.dll, the KEX section is in HEX format: