[KB8059] Request log files from clients in ESET PROTECT On-Prem

Issue

 Home users

ESET Technical Support has requested a copy of one of the following log files:

  • Detections
  • Events
  • Computer scan
  • Blocked files
  • Sent files
  • Audit logs
  • HIPS
  • Firewall
  • Network protection
  • Filtered websites
  • Antispam protection
  • Web Control

Create a SysInspector log and submit it to ESET Technical Support for analysis

Details


Click to expand


Your ESET product keeps logs of all scans that run on your computer. These scan logs are useful to determine if previous detections have been successfully cleaned or deleted. See below for more information about each type of log file:

  • Detections: Detailed information about infiltrations detected by your ESET product modules.
  • Events: Detailed information about all important actions performed by your ESET product.
  • Computer scan: Results of all completed manual or planned scans.
  • Blocked files: Contains records of files that were blocked and could not be accessible.
  • Sent files: Contains records of files that were sent to ESET LiveGrid or ESET LiveGuard Advanced for analysis.
  • Audit logs: Contains information about the date and time when the change was performed, type of change, description, source, and user.
  • HIPS: A record of specific rules that were marked for logging by the user.
  • Firewall: Only in ESET Endpoint Security—Displays all remote attacks on your computer detected by the firewall.
  • Network protection: Information about any attacks on your computer.
  • Filtered websites: List of websites that were blocked by Web access protection or Web control.
  • Antispam protection: Contains records related to email messages that were marked as spam.
  • Web Control: Only in ESET Endpoint Security—Shows web pages that were blocked or allowed by Web Control, as well as how filtering rules were applied.

Solution

 Endpoint users: Perform these steps on individual client workstations

Each ESET PROTECT On-Prem component performs logging. ESET PROTECT On-Prem components write information about certain events into log files. The location of log files varies depending on the component.

Windows  
ESET PROTECT Server C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs\
ESET PROTECT Agent C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\
ESET PROTECT Web Console and Apache Tomcat C:\Program Files\Apache Software Foundation\Tomcat 7.0\Logs
Find more information on Apache website
Rogue Detection Sensor C:\ProgramData\ESET\Rogue Detection Sensor\Logs\
Apache HTTP Proxy
 
 
ESET Bridge (applies to ESET PROTECT On-Prem versions 10.0 and later)
C:\Program Files\Apache HTTP Proxy\logs\
C:\Program Files\Apache HTTP Proxy\logs\errorlog
 

C:\ProgramData\ESET\Bridge\CrashDumps
C:\ProgramData\ESET\Bridge\Logs
C:\ProgramData\ESET\Bridge\Proxies\Nginx\logs\cache.log
Earlier Windows operating systems C:\Documents and Settings\All Users\Application Data\ESET\...

Visit the Online Help topic for log file locations in Windows, Linux, ESET PROTECT Virtual Appliance, and macOS.