A bit of magic or how to get access to log files of Kerio Control 8.x

All articles

Access to log files in Kerio Control 7.x had never been difficult. However, with the release of Kerio Control 8.x, everything has changed. The product has been completely ported to Linux and is now distributed only as virtual machines for Hyper-V/VMWare or ready hardware solutions (Kerio Control Box). By default, log files can be viewed via a web interface or a built-in reporting system. But what should you do it if you don’t like either of these options and want to use ProxyInspector as your favorite log analyzer and reporting tool as you did before?

Enabling SSH on Kerio Control

First of all, enable SSH in Kerio Control. To do that, go to Kerio Control Administration, click the State – System health tab, press and hold the right SHIFT key and click the Actions button, then select the “Enable SSH” option. You will see a warning prompt – answer Yes. We strongly do not recommend using SSH/SCP access for anything but downloading log files, unless you are a Linux guru.

Accessing Kerio Control log files

Once SSH is enabled, we can also download files using the SCP protocol. In Kerio Control 8.x, all log files are located in the /var/winroute/logs/ folder. To log in via SSH/SCP, use “Admin” as the password, but “root”, not “Admin”, as the user name.

To access via SCP, you can use any tool supporting it, such as WinSCP, PSCP from the PuTTY package, SCP from the CygWin package or other software. The command line for SCP.EXE from CygWin is:

SCP.exe root@*.log* .

Command line for PSCP.exe:

PSCP.exe [-pw password] root@*.log* .

The period at the end instructs the program to load to the current folder. PSCP can remember passwords, thus allowing you to fully automate the download of log files, but it’s totally up to you, since the loss of this password may lead to serious consequences.

ProxyInspector log analyzer requires only http, connection and web log files with the *.log.* extension, idx are not needed.

Logging settings in Kerio Control

Configuring logs in Kerio Control. If you use Kerio Control, we recommend using the log rotation mode. Rotation should be performed at least once a day and the rotation settings for each of the used log files (http, connection, web) should look like that:

Using ProxyInspector for log analysis and reporting on Kerion Control

In ProxyInspector, you need to set the post-rotation file processing mode and specify a folder that the log files will be downloaded to (this can be done in program settings for the Standard edition or in the Domain and Server Editor for the Enterprise edition):

Tags: Kerio Control, WinRoute, ProxyInspector, log file