Not sure if you're trying to trouble shoot an authentication or vulnerability issue, but here are some keys for enabling verbose logging on an MVM scan engine that I find helpful. These need to be created in the system's registry. These are all DWORD registry keys that should be set to FF (255) when you want to enable verbose logging:
- This enables verbose logging for Shell authentication
- This enables verbose logging for Windows authentication
- This enables verbose logging for OS vulnerabilities
These need to be created in the HKEY_Local_Machine\Software\Wow6432Node\Foundstone\Foundscan\Tweaks\ (for 64 bit scan engines) or HKey_Local_Machine\Software\Foundstone\Foundscan\Tweaks\ folder (for 32bit scan engines). If the tweaks registry folder is not there, create it. Once you add (or remove) these registry keys you will need to restart the FSLogDispatcher service. This usually has a few other services that are dependent on it, which is fine.
Enabling verbose logging can create a lot of large log files, so I wouldn't recommend keeping it enabled.
Thank you will try this. I had the KB article somewhere but lost the URL.