Using FSSMC tools to collect diagnostic information

 

Applies to: Forefront Server Security Management Console

Diagnostic logging can be used by Microsoft support engineers to help troubleshoot problems when FSSMC is not functioning properly. To accurately diagnose a problem, support engineers typically need a variety of information about FSSMC and the Forefront Server Security or Antigen servers it is managing. This information includes diagnostic logs, third-party scan engine information, registry settings, and deployment agent information, among other things.

To make it easier for you to collect FSSMC diagnostic information, the FSSMC diagnostic tool automates the process, assembling all the necessary data in one file called SEMInfo.zip.

You can also run the FSSMC Remote Diagnostic tool, which automates a similar diagnostic data collection process on the remote managed servers. In this case, the file that is created is called SEMInfo_Remote.zip.

After SEMInfo.zip and SEMInfo_Remote.zip are created, you can upload these files to Microsoft so that support engineers can better help you troubleshoot your FSSMC issues. When you contact Microsoft support, you are told where to upload the files.

To collect diagnostic data from the FSSMC and managed servers

  1. Enable diagnostic logging on the FSSMC server by clicking Start, pointing to All Programs, pointing to Microsoft Forefront Server Security, pointing to Diagnostics, and then clicking Enable Forefront Log.

  2. From FSSMC, deploy an agent to the Antigen or Forefront Server Security product server if you have not done so already. For more information, see “Deploying Agents” in Getting Started.

  3. Enable diagnostic logging on the managed server by clicking Start, pointing to All Programs, pointing to Microsoft Forefront Server Security Management Console Remote Diagnostics, and then clicking Enable Forefront Log.

  4. Reproduce the issue that you are experiencing with FSSMC.

  5. Collect diagnostic information on the FSSMC server by clicking Start, pointing to All Programs, pointing to Microsoft Forefront Server Security, pointing to Diagnostics, and then clicking Forefront Diagnostic.

  6. Collect diagnostic information on the managed server by clicking Start, pointing to All Programs, pointing to Microsoft Forefront Server Security Management Console Remote Diagnostics, and then clicking Forefront Remote Diagnostic.

  7. On Antigen servers only, you must also run the Antigen diagnostic utility, because the FSSMC Remote Diagnostic tool does not collect certain files that may be helpful when troubleshooting Antigen issues. For more information about running the Antigen diagnostic utility in order to collect data about Antigen, see Appendix D - Using the Antigen diagnostic utility in the Microsoft Antigen for Exchange User Guide.

  8. Contact Microsoft Help and Support to find out where to upload the compressed files (SEMInfo.zip and SEMInfo_Remote.zip), and optionally, the Antigen files created by running the Antigen diagnostic utility. For information about the location and contents of the SEMInfo.zip and SEMInfo_Remote.zip files after they are created, see About SEMInfo.zip files and About SEMInfo_Remote.zip files.

  9. Upload the compressed files to Microsoft.

Note

You can also use additional FSSMC diagnostic utility options. The Clear Forefront log option removes all Forefront logs except the logs in the zip files, and Disable Forefront log turns off the Forefront logs.

About SEMInfo.zip files

After it is created, the SEMInfo.zip file is placed by default in the following folder:

Microsoft Forefront Security\Server\Server Management\Diagnostics

This compressed file contains the following files.

File Description

COM+_Users.txt

Collects all users associated with the following COM+ FSSMC services:

  • Microsoft.SEM.Services
  • Microsoft.SEM.NotificationSender

GeneralInfo.txt

Provides general information on FSSMC and the system, such as operating system version, FSSMC version, SQL version, and Global Assembly Cache.

NetShare.txt

Contains the output of Net Share.

Registry_Software.txt

Collects the FSSMC registry.

Registry_System.txt

Collects the system registry.

EventLog_Application

Collects the application event log in .evt format.

EventLog_Security

Collects the security event log in .evt format.

EventLog_System

Collects the system event log in .evt format.

DirPermission.txt

Contains access permission information for the directories to which FSSMC requires access.

IISInfo.txt

Contains IIS information such as Semconsole path, AppRoot, and so on.

LocalPolicy.inf

Exports user logon rights and privileges to the file.

FSSMCInstall.log

If it exists, this log contains FSSMC installation information.

Microsoft.FSSMC.installationhelper.InstallLog

If it exists, this log provides logging of the .NET installation and registration.

FSSMCLog.txt

If it exists, this log provides diagnostic logging for FSSMC.

RedistributionAgent.txt

If it exists, this log contains scan engine update information.

SchedulerService.txt

Contains FSSMC scheduled job information.

LastGood.xml

If it exists, this log contains the last good engine update information.

dirtree.txt

Contains the directory tree under the \Redistribution\Cache directory.

DownloadEngineFiles.txt

If it exists, this log contains logging from the DownloadEngineFiles module that downloads all scan engine updates.

DeploymentAgent.txt

Provides logging for the deployment agent module.

BootStrapper.txt

Provides logging from the bootstrapper module used during the FSSMC installation.
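The following Python code is an added example, not part of the original page or of any Microsoft tool. It compares the members of a SEMInfo.zip archive with the file list above, reports anything missing or unexpected, and records a SHA-256 of the archive before upload. The function names, the REVIEW set of entries to inspect before the file leaves your environment, and the assumption that event logs are stored with a .evt extension are choices of this example.

```python
import hashlib
import io
import posixpath
import zipfile

# Names as listed on this page for SEMInfo.zip; OPTIONAL are the "If it exists" ones.
REQUIRED = """COM+_Users.txt GeneralInfo.txt NetShare.txt Registry_Software.txt
Registry_System.txt EventLog_Application EventLog_Security EventLog_System
DirPermission.txt IISInfo.txt LocalPolicy.inf SchedulerService.txt dirtree.txt
DeploymentAgent.txt BootStrapper.txt""".split()
OPTIONAL = """FSSMCInstall.log Microsoft.FSSMC.installationhelper.InstallLog
FSSMCLog.txt RedistributionAgent.txt LastGood.xml DownloadEngineFiles.txt""".split()
# Assumption of this example: entries to review before upload (accounts, policy, logs).
REVIEW = {"COM+_Users.txt", "Registry_Software.txt", "Registry_System.txt",
          "EventLog_Security", "DirPermission.txt", "LocalPolicy.inf"}
LOOKUP = {name.lower(): name for name in REQUIRED + OPTIONAL}

def audit_seminfo(zip_bytes):
    """Compare an archive's members with the documented SEMInfo.zip contents."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        members = [i.filename for i in zf.infolist() if not i.is_dir()]
    found, unexpected = set(), []
    for member in members:
        base = posixpath.basename(member.replace("\\", "/")).lower()
        doc = LOOKUP.get(base)
        if doc is None and base.endswith(".evt"):  # assumption: logs saved as <name>.evt
            doc = LOOKUP.get(base[:-4])
        if doc is None:
            unexpected.append(member)
        else:
            found.add(doc)
    return {
        "sha256": hashlib.sha256(zip_bytes).hexdigest(),  # keep with the support case
        "missing": sorted(set(REQUIRED) - found),
        "absent_optional": sorted(set(OPTIONAL) - found),
        "review_before_upload": sorted(found & REVIEW),
        "unexpected": sorted(unexpected),
    }

def build_sample():  # constructed sample archive, not a real SEMInfo.zip
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("GeneralInfo.txt", "EventLog_Security.evt", "LocalPolicy.inf",
                     "FSSMCLog.txt", "scratch/export.csv"):
            zf.writestr(name, b"constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    print(audit_seminfo(build_sample()))
```

To check a real archive, pass the bytes of the file read from the Diagnostics folder to audit_seminfo.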

About SEMInfo_Remote.zip files

After it is created, the SEMInfo_Remote.zip file is placed by default in the following folder:

Microsoft\FSSMC DeploymentAgent-number

This compressed file contains the following files.

Note

The FSSMC Remote Diagnostic tool does not collect the following files on managed Antigen servers: ForefrontInstall.log, FSCStatsServ.txt, StatisticsManagerServer.txt, HRLog.txt, ProgramLog.txt, AEXMLAdapter.txt, and StatisticsManagerClient.txt. You can gather this information by using the Antigen diagnostic utility; for more information, see Appendix D - Using the Antigen diagnostic utility in the Microsoft Antigen for Exchange User Guide.

File Description

EventLog_Application

Collects the application event log in .evt format.

EventLog_Security

Collects the security event log in .evt format.

EventLog_System

Collects the system event log in .evt format.

ForefrontInstall.log

If it exists, this log contains the Forefront Server Security installation information.

SybariCacheDirInfo.txt

Contains all files and subdirectories in the C:\WINDOWS\Temp\SybariCache directory.

Registry_Software.txt

Collects the Antigen or Forefront Server Security registry.

GeneralInfo.txt

Provides general system and Antigen or Forefront Server Security related information such as operating system version, Antigen statistics service status, and FSSMC deployment account privileges.

DeploymentAgent.txt

Contains FSSMC agent deployment related information.

FSCStatsServ.txt

Contains information about the Forefront Server Security calls made using the FSCStatisticsService service to update statistics data. Provides logging information for the statistics module, which processes the statistics information from Forefront Server Security.

PushInstaller.txt

Contains information about the PushInstaller service process, which is used during FSSMC agent deployment.

StatisticsManagerServer.txt

Contains information about updating statistics data for FSSMC.

HRLog.txt

Contains Antigen or Forefront Server Security errors.

ProgramLog.txt

Contains diagnostic and general activity for Antigen or Forefront Server Security, including scan engine updates, and virus and filtering detections and errors.

AEXMLAdapter.txt

Provides logging for the aexmladapter module.

StatisticsManagerClient.txt

Provides logging for the statistics service module.