Subsystem Logging
Question
How do you enable subsystem logging?
Answer
With a multitier, multi-threaded application such as Privileged Identity, there are many subsystems involved with performing any one action. When issues arise, it may be necessary to examine the individual components involved. There are seven bits that can be used to enable logging for various subsystems, allowing a large number of logging options to occur:
| Bit Value | (HEX) | Value Option |
|---|---|---|
| 1 | (1) | Network operations |
| 2 | (2) | Database operations |
| 4 | (4) | Threading operations |
| 8 | (8) | Dynamic group operations |
| 16 | (10) | Licensing operations |
| 32 | (20) | Timing operations |
| 64 | (40) | Crypto operations |
All values above are represented in decimal (hex values in parentheses).
Improperly editing the registry can lead to system instability or data loss. Make sure you back up your registry configuration prior to making any modifications. BeyondTrust is not responsible for any data loss or system corruption.
Steps
- Open regedit.
- Go to
Enterprise Random Password Manager: HKLM\Software\[Wow6432Node\]Lieberman\PWC\
Random Password Manager: HKLM\Software\[Wow6432Node\]Lieberman\RPM\
- Add a new DWORD, SubSystemsToLog.
- Set the new DWORD to match the bit mask represented above for the logging options to be turned on. Options are cumulative.
For example, a value of 1 would enable network operations only. A decimal value of 65 (41 Hex) would enable logging for network operations and crypto operations.
- Restart Privileged Identity.
New logging entries display only after opening the main program log for interactive operations or the deferred processor log for scheduled operations. Other logging entries are not reported in the user interface.
