[KB8059] Request log files from clients in ESET PROTECT (8.x – 10.x)
Issue
ESET Technical Support has requested a copy of one of the following log files:
- Detections
- Events
- Computer scan
- Blocked files
- Sent files
- Audit logs
- HIPS
- Firewall
- Network protection
- Filtered websites
- Antispam protection
- Web Control
Create a SysInspector log and submit it to ESET Technical Support for analysis
Details
Click to expand
Your ESET product keeps logs of all scans that run on your computer. These scan logs are useful to determine if previous detections have been successfully cleaned or deleted. See below for more information about each type of log file:
- Detections: Detailed information about infiltrations detected by your ESET product modules.
- Events: Detailed information about all important actions performed by your ESET product.
- Computer scan: Results of all completed manual or planned scans.
- Blocked files: Contains records of files that were blocked and could not be accessible.
- Sent files: Contains records of files that were sent to ESET LiveGrid or ESET LiveGuard Advanced for analysis.
- Audit logs: Contains information about the date and time when the change was performed, type of change, description, source, and user.
- HIPS: A record of specific rules that were marked for logging by the user.
- Firewall: Only in ESET Endpoint Security—Displays all remote attacks on your computer detected by the firewall.
- Network protection: Information about any attacks on your computer.
- Filtered websites: List of websites that were blocked by Web access protection or Web control.
- Antispam protection: Contains records related to email messages that were marked as spam.
- Web Control: Only in ESET Endpoint Security—Shows web pages that were blocked or allowed by Web Control, as well as how filtering rules were applied.
Solution
Endpoint users: Perform these steps on individual client workstations
ESET PROTECT 8.x and later
Each ESET PROTECT component performs logging. ESET PROTECT components write information about certain events into log files. The location of log files varies depending on the component.
| Windows | |
|---|---|
| ESET PROTECT Server | C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs\ |
| ESET PROTECT Agent | C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\ |
| ESET PROTECT Web Console and Apache Tomcat | C:\Program Files\Apache Software Foundation\Tomcat 7.0\LogsFind more information on Apache website |
| Mobile Device Connector | C:\ProgramData\ESET\RemoteAdministrator\MDMCore\Logs\ |
| Rogue Detection Sensor | C:\ProgramData\ESET\Rogue Detection Sensor\Logs\ |
|
Apache HTTP Proxy
ESET Bridge (applies to ESET PROTECT 10.0 and later)
|
C:\Program Files\Apache HTTP Proxy\logs\C:\Program Files\Apache HTTP Proxy\logs\errorlogC:\ProgramData\ESET\Bridge\CrashDumpsC:\ProgramData\ESET\Bridge\LogsC:\ProgramData\ESET\Bridge\Proxies\Nginx\logs\cache.log |
| Earlier Windows operating systems | C:\Documents and Settings\All Users\Application Data\ESET\... |
Visit the Online Help topic for log file locations in Windows, Linux, ESET PROTECT Virtual Appliance, and macOS.
