LANDesk Antivirus logging information

Version 18

    Verified Product Versions

    LANDESK Management Suite 9.5
    LANDESK Management Suite 9.6


    Applies to LDMS 9.0 and 9.5 (pre-SP1). For newer versions, see: How To: Troubleshoot LANDESK Antivirus


    Question:

     

    What log files are used for troubleshooting LANDesk Antivirus?

     

    Answer:

    AVClientLogFiles.png

     

    Question:

     

    Is there a way to enable more verbose logging?

     

    Answer:

     

    VERBOSE LOGGING

    In the steps below, running AVSERVICE.EXE /LOG will cause a KAVE.INI file to be created in the LDCLIENT\Antivirus directory.  This file does not need to be created by hand.   After restarting the LANDesk Antivirus service ("NET START LDAVSERVICE"), you will notice the KAVE_{PID}.log files starting to grow in the LDCLIENT\Antivirus directory.

    EnableAVVerboseLogging.png
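
    One way to confirm that verbose logging actually took effect after the restart is the check below. It is an added example, not part of the original article or of any LANDesk tooling. The -AvDir parameter (the full path of the client's LDCLIENT\Antivirus directory) and the 30-second sampling interval are assumptions.

```powershell
# Added example (not LANDesk code): confirm that verbose AV logging is active.
# -AvDir is an assumption: point it at this client's LDCLIENT\Antivirus directory.
param(
    [Parameter(Mandatory = $true)][string]$AvDir,
    [int]$WaitSeconds = 30   # sampling interval, chosen for illustration
)

function Get-KaveLogSizes {
    # Map each KAVE_{PID}.log file name to its current size in bytes.
    param([string]$Path)
    $sizes = @{}
    Get-ChildItem -Path $Path -Filter 'KAVE_*.log' -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object { $sizes[$_.Name] = $_.Length }
    return $sizes
}

if (-not (Test-Path -Path $AvDir -PathType Container)) {
    throw "Directory not found: $AvDir"
}

# KAVE.INI is written by AVSERVICE.EXE /LOG; its absence suggests /LOG has not been run.
if (-not (Test-Path -Path (Join-Path $AvDir 'KAVE.INI') -PathType Leaf)) {
    Write-Warning 'KAVE.INI is missing: run AVSERVICE.EXE /LOG first.'
}

# The KAVE_{PID}.log files only start growing once the service has been restarted.
$svc = Get-Service -Name 'LDAVSERVICE' -ErrorAction SilentlyContinue
if ($null -eq $svc -or $svc.Status -ne 'Running') {
    Write-Warning 'LDAVSERVICE is not running: start it with NET START LDAVSERVICE.'
}

# Sample the log sizes twice and report the growth of each file.
$before = Get-KaveLogSizes -Path $AvDir
Start-Sleep -Seconds $WaitSeconds
$after = Get-KaveLogSizes -Path $AvDir

$report = foreach ($name in $after.Keys) {
    $old = if ($before.ContainsKey($name)) { $before[$name] } else { 0 }
    [pscustomobject]@{ Name = $name; Bytes = $after[$name]; Growth = $after[$name] - $old }
}

if (-not $report) {
    Write-Warning "No KAVE_*.log files found in $AvDir."
} else {
    # A Growth of 0 on an idle client may only mean nothing was logged in the interval.
    $report | Sort-Object Name | Format-Table -AutoSize
}
```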

     

    GetSystemInfo Utility

     

    The GetSystemInfo utility gathers detailed information about a computer, including hardware information, operating systems, drivers, installed software, etc.  This utility can be very useful for determining the cause of certain issues.

     

    GetSystemInfo
    GetSystemInfo 4.1.0.245

     

    1. Run GetSystemInfo.exe on the computers with the problem.
    2. Click the button Create report in the right part of the main window.
    3. Wait until the utility has completely scanned the system.
    4. Click OK to confirm the creation of a report.


    A file will be created with the default name GetSystemInfo_<USER>_YYYY_MM_DD.zip.  Attach this report to your created case, or e-mail it to your LANDesk Support technician.

     

    This GetSystemInfo report can then be parsed and further analyzed by doing the following:

     

    1. Browse to http://www.getsysteminfo.com/
    2. On the GetSystemInfo web site, click "Choose file", then browse to the GetSystemInfo .TXT file and upload it to the site.

    The GSI executable has been attached to this document, as the link may have changed.

     

    Utility for gathering log file information

     

    Attached to this article is a utility that will automatically gather all of the Antivirus Log files (except the verbose logs) and settings information from the affected client.

     

    This creates a compressed .CAB file of all of the log files documented in this article, plus the .XML settings files for Antivirus Behavior.

     

    Detailed Steps:

     

    1. Download "GatherAVLogs.zip" attached to this article.

    2. Extract GatherAVLogs.ZIP to any directory.

    3. Run GatherLogs.exe and wait for a minute until the GatherLogs.cab is fully created.

    4. Send the GatherLogs.cab file to the LANDesk Technician.

    Note:  If uploading to the LANDesk FTP server, it may be necessary to rename the GatherLogs.cab file to CaseNumber-AVLogs.cab, because a file called "Gatherlogs.cab" may already exist.

     

    Note: The GatherLogs utility will not gather the GetSystemInfo log.  This must be sent separately to the Support Technician.

     

    Turning on Advanced Logging for the Updater SDK (for troubleshooting definition download issues)

     

    1. Copy the attached UPDSDK.XML to the \ManagementSuite\LDLogon\Antivirus8 folder on the core server.

    2. Download antivirus pattern files.

     

    This will create an UpdaterSDK7.log file in C:\Windows\SysWow64 (for 64-bit systems) or C:\Windows\System (for 32-bit systems).