Administrator logs, console and traces
SN VPN Client Exclusive offers three types of logs:
Administrator logs are specifically designed for software activity and usage reports.
The Console provides detailed information on the tunnels as well as the related opening and closing steps. It essentially consists of the IKE messages and provides high-level information about the establishment of the VPN tunnel. It is intended for administrators to identify possible VPN connection issues.
The Trace mode makes every component of the software write an activity log about its inner workings. This mode is intended for Stormshield support to diagnose software issues.
SN VPN Client Exclusive can collect administrator logs: tunnel opening, expired certificate, connection duration, wrong login/password, changes to the VPN configuration, import or export of this configuration, etc. Administrator logs provide a first level of analysis for any issues that may be encountered.
The following actions can be performed on collected logs either exclusively or simultaneously:
Store in a local file
Record in the Windows Event Log
Send to a Syslog server
Administrator logs are configured in the Tools > Options… window on the Logs management tab.
- The path for SN VPN Client Exclusive logs in the Windows Event Viewer is the following:
- Administrator logs are listed in section Administrator logs in the appendices.
- When administrator logs are stored in a local file, the path to these logs is the System sub-directory in the logging directory: C:\ProgramData\Stormshield\Network VPN Client Exclusive\LogFiles\System.
Read access to this directory is available in all modes, but write access is only available in Administrator mode.
Access the Console using either of the following methods:
Tools > Console menu in the Configuration Panel (main interface)
CTRL+D shortcut when the Configuration Panel is open
From the software’s taskbar menu, choose Console
The Console has the following functions:
Save: Saves all the traces displayed in the window into a file
Start / Stop: Starts/stops a console log
Clear: Clears the contents of the window
Reset IKE: Restarts the IKE service
Trace mode is enabled using the following shortcut: Ctrl+Alt+T.
You do not need to restart the software when you enable the trace mode.
When the trace mode is enabled, every component of SN VPN Client Exclusive generates activity logs. The logs produced are stored in a folder that you can access by clicking the blue folder icon located in the status bar of the Configuration Panel (main interface).
- Logs can only be enabled on the Configuration Panel and access to the Configuration Panel can be restricted to administrators.
- Even though logs do not contain any sensitive information, we recommend that, if enabled by the administrator, said administrator ensures that they are disabled and, if possible, deleted when quitting the software.
- Trace logs are kept for 10 days. The software automatically deletes any older files.
- When stored in a local file, administrator logs are not deleted.