Secret Server Log List

Secret Server Logs

SS log

The Secret Server system log is a top-level IIS log that reports when roles start and stop and any activity occurring on the site, as well as any legacy monitors.

Location: C:\inetpub\wwwroot\SecretServer\log

See Enabling Debug Mode in System Log Files for more on using this log.

SS-BSSR log

The background scheduler server role log is responsible for jobs that fire upon a trigger. Currently, we have some monitors that schedule work from the website but will transition to trigger jobs in the scheduler.

Location: C:\inetpub\wwwroot\SecretServer\log

SS-BWSR log

The background worker server role log is responsible for logging work triggered by the background scheduler and legacy monitors. Work includes heartbeat, password changing, discovery, event pipelines, and others.

Location: C:\inetpub\wwwroot\SecretServer\log

SS-EWSR log

The engine worker server role log is responsible for processing all responses from distributed engines, such as discovery and heartbeat.

Location: C:\inetpub\wwwroot\SecretServer\log

SS-MMSR log

The MemoryMq server role log records internal site connector activity when RabbitMq is not installed or used.

Location: C:\inetpub\wwwroot\SecretServer\log

SS-SRWSR log

The session recording worker server role log is responsible for processing session recordings from Secret Server.

Location: C:\inetpub\wwwroot\SecretServer\log

Protocol Handler Log

SS-RDPWin log

The Remote Desktop Protocol (RDP) for Windows log records protocol handler activity. It is located at C:\Users\Administrator\AppData\Roaming\Thycotic\log

Despite the name, the log covers more than just RDP.

To access the log:

  1. Type Run in the Windows start menu search text box to launch the Run Command application. The Run popup appears:

    image-20220228142151413

  2. Type %AppData%\Thycotic\log into the Open text box.

  3. Click the OK button. The folder containing the file appears.

Enabling Debug Logging for the Protocol Handler Log

This section explains how to enable verbose debug logging for protocol handler.

  1. Navigate to C:\Program Files\Thycotic Software Ltd\Secret Server Protocol Handler.

  2. Open the log4net-rdp.config configuration file in a text editor as an administrator:

    Copy 
    <?xml version="1.0" encoding="utf-8"?>
    <log4net>  <root>    <!--<level value="DEBUG" />-->    <!--<level value="VERBOSE" />-->    <!--<level value="OFF" />-->    <level value="INFO" />    <appender-ref ref="Thycotic.LogFileAppender" />  </root>  <appender name="Thycotic.LogFileAppender" type="log4net.Appender.RollingFileAppender">    <!--<file value="C:\LogFiles\Thycotic\SS-RDPWin.log" />-->    <file value="${AppData}\Thycotic\log\SS-RDPWin.log" />    <rollingStyle value="Size" />    <maxSizeRollBackups value="34" />    <maximumFileSize value="10MB" />    <lockingModel type="log4net.Appender.FileAppender+MinimalLock" />    <layout type="log4net.Layout.PatternLayout">      <conversionPattern value="%utcdate [CID:%property{Correlation}] [C:%property{Context}] [TID:%thread] %-5level %logger - %message%newline" />    </layout>  </appender></log4net>

  3. Comment out <!--<level value="INFO" />.

  4. Remove the comment out of <level value="DEBUG" />.

  5. Re-create the original issue a couple of times with DEBUG enabled.

  6. Navigate to ~\AppData\Roaming\Thycotic\log" on the machine you are launching protocol handler from. Copy and save the SS-RDPWin log file.

  7. Return log4net-rdp.config to its original state by removing the comment out of <!--<level value="INFO" /> and commenting out <level value="DEBUG" />

Distributed Engine Log

SSDE log

The Secret Server distributed engine log is responsible for recording distributed engine activity.

Location: C:\Program Files\Thycotic Software Ltd\Distributed Engine\log

To configure the DE log:

  1. Log in as an administrator on the distributed engine server.
  2. Locate the Thycotic.DistributedEngine.Service.exe.config in the C:\Program Files\Thycotic Software Ltd\Distributed Engine directory.
  3. Open the file in a text editor to change it as desired.

Enabling Debug Mode in Distributed Engine Log Files

Please see Enabling Debug Mode in Distributed Engine Log Files.

Enabling Discovery Logging

To enable discovery logging, change the Thycotic.DistributedEngine.Service.exe.config configuration file as follows:

Copy 
<logger name="Thycotic.Discovery">
  <level value="VERBOSE" />
</logger>

RabbitMQ Log

Access the RabbitMQ logs at C:\RabbitMq\log.