10: How do I turn on enhanced logging for PolicyPak Group Policy Compliance Reporter if asked to do so?
Apr 13, 2021
1856
If asked by PolicyPak Support to turn on enhanced logging, follow the steps detailed below.
Enhanced logging is controlled by registry entries. As enhanced logging creates a potentially large amount of data, this allows a quick turn on and off to limit the amount of ‘junk’ in the logs.
Pre-requisites:
Download the .reg update files from -> HERE <- Unzip, and copy to required computer: GPCR Server, Client (Admin console) and/or Endpoint
Get Logs from Server and/or Client
- Close Admin Console
- Import required ‘Enable’ Logging reg files (Admin rights required)
- For Server: PPGPCR Server Enable Logging.reg
- For Client: PPGPCR Client (Admin Console) Enable Logging.reg
- If getting server logs, Stop and Start “PolicyPak GP Compliance Reporter Server Service”
- Open the Admin Console and force the issue – make it do the thing and cause the error
- Close the Admin Console
- Import required ‘Disable’ Logging reg files (Admin rights required)
- For Server: PPGPCR Server Disable Logging.reg
- For Client: PPGPCR Client (Admin Console) Disable Logging.reg
- If getting server logs, Stop and Start “PolicyPak GP Compliance Reporter Server Service”
- Zip the requested logs from the following directories
- For Server: %ProgramData%\PolicyPak\PolicyPak Group Policy Compliance Reporter Server\Diagnostics
- For Client: %LOCALAPPDATA%\PolicyPak\PolicyPak Group Policy Compliance Reporter\Diagnostics
- If both logs were requested, combine to one zip and rename to reference your ticket number (e.g. SRX0000????-gpcr.zip), otherwise just rename the one zip file
- Upload to ShareFile link provided by your support rep.
Endpoint
- Import required ‘Enable’ Logging reg files (Admin rights required)
- For Endpoint: PPGPCR Endpoint Enable Logging.reg
- Run “GPUpdate /force” to trigger the auditor
- Wait about 2-5 minutes to allow the trigger to take place and the log collection to complete
- Import required ‘Disable’ Logging reg files (Admin rights required)
- For Endpoint: PPGPCR Endpoint Disable Logging.reg
- Zip the requested logs from the following directories and rename to reference your ticket number (e.g. SRX0000????-gpcr.zip)
- For Endpoint: %ProgramData%\PolicyPak\PolicyPak Group Policy Compliance Reporter Auditor Endpoint\Diagnostics
Note: If also gathering Server and/or Client logs, add this log to the SRX*-gpcr.zip file created in the previous section
- For Endpoint: %ProgramData%\PolicyPak\PolicyPak Group Policy Compliance Reporter Auditor Endpoint\Diagnostics
- Upload to ShareFile link provided by your support rep.