3.7.2 Log message format

Format

In the log, each line represents a log message sent by the server or node. Depending on the log file, the format of the line is as follows:

[LEVEL] TIMESTAMP (COMPONENT) MESSAGE [msgid: MESSAGE ID]

Example:

[INFO] 2019.07.02 05:25:27.115: (core.workflow) Processing finished, node=':1076', user='LOCAL/admin', workflow_id='lms::workflow::WorkflowExecutor(0x214b02a8f60)', dataId='702a2230dd0d44de9bd773bccfe472a9', fileName='TermUtil.class', sha256sum='07aca175cc8a9f40819a47f6b5f809404bae8d31cf16e70d0a182c413ab39c98', blocked='false', blocked_reason='', overallResult='No Threat Detected', threatFoundCount='0', embeddedObjectsWithThreat='0', totalResultCount='3', threatDetectedBy='', threatName='', ruleName='File process', source='::1' [msgid: 82]

Where the different values are:

  • LEVEL : the severity of the message

  • TIMESTAMP : The date value when the log entry was sent

  • COMPONENT : which component sent the entry

  • MESSAGE : the verbose string of the entry's message

  • MESSAGE ID : the unique ID of this log entry - Learn more at 3.7.4 Error Message Description Table

Severity levels of log entries

Depending on the reason for the log entry, there are different types of severity levels.

Based on the configuration, the following levels are possible:

  • DUMP : The most verbose severity level, these entries are for debuggers only.

  • DEBUG : Debuggers severity level, mostly used by support issues.

  • INFO : Information from the software, such as scan results.

  • WARNING : A problem occurred needs investigation and OPSWAT support must be contacted, however the product is supposed to be operational.

  • ERROR : Software error happened, please contact support if the issue is persist. Software functionality may be downgraded in these cases.