TROUBLESHOOTING
      Back to home
      1. Safetica
      2. TROUBLESHOOTING

      How to collect logs related to OS/application performance issues

      This article provides information about collecting logs related to performance and Safetica.

      This article applies only to Safetica hosted on-premises.

       

      In this article, you will learn more about:

       

      Requirements

      1. Safetica Maintenance Console

        • In Safetica ONE 10 – Named Safetica Management Console and available to administrators by default.
        • In unified Safetica – Renamed to Safetica Maintenance Console. Available upon manual installation from here.

      2. Read information about narrowing down the source of an issue: How to isolate the source of an issue in Safetica Maintenance Console

       

      Collecting logs - when the issue is reproducible on demand

      1. In the Safetica Maintenance Console, right-click the affected endpoint and select Enable Active Management > 1 hour. Wait until the device icon turns green.
      2. Go to Maintenance > Endpoint settings > General interface settings and set the Hide Safetica Processes and folders option to Disable for the affected device.
      3. Once the device receives the setting, Safetica processes will be visible in Task Manager.
      4. On the affected device, go to C:\Program Files\Safetica\Safetica Management Service\Tools and runSTSupportTool.exe.
      5. Click Create application issues report. Leave all options as they are and click Run. The monitoring begins.
      6. Go to Task Manager and find the most utilized process in the Details tab (highest RAM, CPU). You should focus mainly on Safetica processes. Right-click them and select Create memory dump file 2-3x times per process.

      7. Once done, go back to Safetica Support Tool and click Reproduced. Once the log creation is finished, click Report.
      8. Describe the problem and click Next.
      9. Click Run and wait until logs are collected.
      10. Upload the collected support package along with the dumps to upload.safetica.com with information about the date and time of the performance spike occurrence. You can also attach a print screen of the most utilized processes at that time.

      Collecting logs - when the issue is occurring randomly

      If you have a problem catching the performance issue because it occurs randomly, you can first provide us with logs collected in the following way. However, dumps are very important, and we cannot guarantee that we will be able to pinpoint the issue.

      1. In Safetica Maintenance Console > Maintenance > Endpoint settings, select the affected device in the user tree on the left.
      2. Change the Logging level to Verbose and save the change using the confirmation button in the top right corner:
      3. It will be set for 7 days. Wait until the issue appears.
      4. Once replicated, proceed with the next step to collect the logs. Be aware that they should be collected as soon as possible because the size limit of the log database on the device shrinks automatically.
      5. In Safetica Maintenance Console > Maintenance > Information collection, set up a new collection task, leave the preset configuration, and finish the wizard while selecting your affected device in the process.
      6. Download the collected log files. Upload everything to upload.safetica.com along with the information about the date and time of the replication.

      Collecting logs - when you can't determine the culprit of high resource utilization

      WPR tool:

      There may be a situation when you are unable to provide us with dumps because you are not sure which process(es) causes the high load on the system.

      In this case, you can use the Windows Performance Recorder (WPR) tool.

      This tool allows you to see the most used process and what is happening on your device. However, be aware that the tool has a slightly higher impact on the system.

      1. See the following article to get the Windows Performance Recorder.
      2. After installing the Windows Performance Recorder, start it and set it up as follows:
      3. Click Start to begin monitoring.
      4. After the issue is reproduced, click Stop and finish the wizard to obtain the log files.
      5. Upload the WPR along with the Safetica logs to upload.safetica.com.