GuardMode 2024.3
  • Welcome to GuardMode!
  • Intro
  • Installation
    • System requirements
    • Installing GuardMode Agent on Windows
      • Updating GuardMode Agent on Windows
    • Installing GuardMode Agent on Linux
      • Using Containerized GuardMode Agent
    • Uninstalling GuardMode Agent on Windows
    • Uninstalling GuardMode Agent on Linux
    • Configuring GuardMode Agent for SAMBA setup
    • Uninstalling GuardMode Agent on SAMBA setup
  • Agent Configuration
    • General Settings
    • Excluded Paths Configuration
    • Adding malware detection rules
      • Honeypot and Decoy Files
      • Write Operations Threshold
      • Detecting File Renaming with Abnormal File Extensions
      • Special Files Monitoring
    • Security Incident Detection
    • SMB Monitoring (Linux Only)
    • Event Reports
      • Configuring Event Reports
      • Excluding Paths From Event Reports
      • Tagging Agent
    • NFS Share Monitoring
    • Altering Audit Rules
    • Blocklist Management
      • Configuring DPX for Automatic Blocklist Updates
    • Using TLS
    • Configuring YARA-X
  • Using GuardMode Agent Command Line
  • REST API Documentation
  • On-demand Scanning
  • Logging
  • FAQ
  • Technical Support
Powered by GitBook
On this page

Logging

Agent Logs

Logs created by GuardMode Agent are stored by default in the following directories:

Windows
C:\Program Files\DPX\Catalogic Guard Mode Agent\Logs
Linux
/path/to/guardmodeagent/Logs

In this folder you can find:

  • Install logs file named install.log, providing a complete description of the installation process, which lets you see if the process was successful or if there were any issues.

  • GuardMode Agent logs are named as a date of the log-in yyyy-mm-dd.log format. They contain all logs related to the Agent's activity from a specific day.

  • Notifications logs are named using the format gm-agent-notificationsYYYY-mm-dd.log . They list all registered events detected by GuardMode Agent.

PreviousOn-demand ScanningNextFAQ