Back to binalyze.com

Collecting Console Log Files

AIR Console log files

AIR Console categorizes and stores the log files under three separate files as listed below:

  • Binalyze.AIR.Console.log

  • Binalyze.AIR.Console.UI.log

  • Binalyze.AIR.Console.API.log

  • Binalyze.AIR.Console.Migration.log

The log files generated by the AIR Console are stored in the directory listed below.

/opt/binalyze-air/volumes/app/binalyze-air/logs/

Downloading the AIR Console Logs and log files

Investigators and analysts can download AIR Console log files either by using AIR Console user interface or by connecting the console machines directly.

Method 1: By using Linux machine console commands

  1. Log in directly or connect remotely to the AIR Console machine with SSH

  2. Browse to the folder /opt/binalyze-air/volumes/app/binalyze-air/logs/

  3. Download the files by using SCP or view the contents of the files with tail, cat, or other CLI tools.

By using the user interface

  1. Click on 'Settings' in the primary menu.

  2. In the section titled 'Logging', a log level can be selected

  3. When selected, the 'Download Log Files' button will generate a compressed zip file, which, when expanded, will reveal one or multiple .log files.

AIR Console Logs are rotated regularly, and only the last log files will be downloaded by using the Download Log Files action.

The log level of the AIR Console can be adjusted according to your needs. For example, if an issue occurs in the AIR Console, the log level can be changed to Debug or HTTP to explore the issue better. The log levels can be configured from the same page where the log files are downloaded.

The log levels are explained below:

Debug: Debugging logs are used for troubleshooting and debugging purposes. When activated, it generates a large number of detailed log records. This may impact the system's performance and consume excessive disk space. Therefore, this level should be used carefully and only until the problem is resolved. Then it should be pulled back to the info level. Debug level covers both HTTP and info levels.

HTTP: HTTP logs are used for troubleshooting purposes. When it is activated, it generates HTTP requests in addition to standard logging. HTTP level covers the info level.

Info: Default required log level.

PreviousHow to gather logs for TroubleshootingNextCollecting Responder Log Files

Last updated

Was this helpful?