Collecting Binalyze AIR Console Log Files

Binalyze AIR Console log files

Binalyze AIR Console categorizes and stores the log files under three separate files as listed below:

  • Binalyze.AIR.Console.log

  • Binalyze.AIR.Console.UI.log

  • Binalyze.AIR.Console.API.log

  • Binalyze.AIR.Console.Migration.log

The log files that are generated by the Binalyze AIR Console are stored under the directory that is given below.


Downloading Binalyze AIR Console Logs and log files

Investigators and analysts can download Binalyze AIR Console log files either by using Binalyze AIR Console user interface or by connecting the console machines directly.

By using the command line interface

  1. Log in directly or connect remotely to Binalyze AIR Console machine with SSH

  2. Browse to the folder /opt/binalyze-air/volumes/app/binalyze-air/logs/

  3. Download the files by using SCP or view the contents of the files with tail, cat, or other CLI tools.

By using the user interface

  1. Click on 'Settings' in the primary menu.

  2. In the section titled 'Logging' a log level can be selected

  3. When selected, the 'Download Log Files' button will generate a compressed zip file which when expanded will look similar to the screenshot below:

Binalyze AIR Console Logs are rotated regularly, and only the last log files will be downloaded by using the Download Log Files action.

The log level of the Binalyze AIR Console can be changed according to the need. For example, if there is an issue in the Binalyze AIR Console, the log level can be changed to Debug or to HTTP to explore the issue better. The log levels can be configured from the same page that the log files are downloaded.

The log levels are explained below:

Debug: Debugging logs are used for troubleshooting and debugging purposes. When it is activated, it generates a very detailed and great amount of log records. This may affect the system's performance and may use too much disk space. Therefore, this level should be used carefully and only until the problem is resolved. Then it should be pulled back to the info level. Debug level covers both HTTP and info levels.

HTTP: HTTP logs are used for troubleshooting purposes. When it is activated, it generates HTTP requests in addition to standard logging. HTTP level covers info level.

Info: Default required log level.

Last updated