3 Replies Latest reply on Feb 7, 2017 5:11 PM by johnmoe

    Agent Log Viewer

    haran92

      Hi All,

       

      ePO 5.3.1 is configured with remote logging option. Enable "remote logging" and "enable remote access log" is checked and also "accept connection from only ePO server" is unchecked.  Reference :-KB65992

       

      Apart from above policy changes , Please let me know for all necessary and prerequisites  for accessing agent log remotely from ePO.  like network connections need to allowed ? port connections ? access and other privileges on both ePO and client ?  Kindly provide me complete details for remote access on agent logs.

        • 1. Re: Agent Log Viewer
          johnmoe

          Well, it depends on how you want to access the logs.  From ePO, you can access client logs through System Tree.  Or, you can access the client logs through file share: \\<computer>\c$\programdata\mcafee\agent\logs.  But I suspect from the info you've given above, you're trying to access them via web browser. In that case, you'll need to make sure your agent-server communication port is open; by default, that's 8081.  So if you have a firewall on your PC, that port will need to be opened.  It doesn't need any permissions to be set.  Then just browse to the computer using http://<computername>:8081 and you should see the logs.

          • 2. Re: Agent Log Viewer
            haran92

            HI John,

             

            Thanks much for the clarification. Does my ePO account need to have admin privilege or any required privilege to the client system for viewing the log ?

             

            Regards,

            Haran Kumar M

            • 3. Re: Agent Log Viewer
              johnmoe

              Again, it depends on how you're accessing them.  Assuming you do mean by web browser, then no, there's no authentication on the log.  Any system that can get to it via http://<computername>:8081 will be able to see the log.

               

              Your statement about "my ePO account" makes me wonder if we're talking about the same thing?  If you're logged into ePO, and you select a system and choose "Action --> Agent -->  Show client log", then you'll have whatever permission you've assigned to that acount.  But if you just open a browser and navigate to http://<client>:8081 directly, it won't require any authentication (assuming you've disabled "accept connection from only ePO server").