Debug SAV10.1/SCS3.1 服务器与客户端的安全通信过程 ;[�vVhf��j N;��4Y��HX Symantec官方说明:http://service1.symantec.com/SUPPORT/ent-security.nsf/0/057e65a9882d205288256fe40079d926?OpenDocument ��M�jK�]*& �K�b7��3?� .Ds
\3V-/Q 1、配置Debug: �EDAw�f��^ 在SAV10.1/SCS3.1服务器上HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\ProductControl\Debug键值:L|QE|XW|CC CP|ALL(参数设置)
aY`?.re��h �Z:A>H�q�8 CA l:显示Debug调试窗口,并同时将所有Debug信息保存到c:\program files\sav\vpdebug.log文件中;
S>���;G:aU �S6�!"0E�1 CA qe:显示所有Debug错误信息,包括SAV10.1/SCS3.1在下发病毒库、SAV策略、SCF防火墙策略、Licenses、根证书操作时的错误信息;
#GO��Qc|H' �(]��Kv/*0 CA xw:禁止显示Debug调试窗口,只将所有Debug信息保存到c:\program files\sav\vpdebug.log文件中。此操作的好处是尽可能的保证SAV10.1/SCS3.1服务器的性能,同时可事后分析Debug日志;
@ZE�(��t^J m�%m��_MRt CA cc或cp:显示证书Debug调试信息;此操作不推荐在SAV10.1/SCS3.1服务器下挂100个客户端上操作,因为这将严重降低SAV10.1/SCS3.1服务器的性能;
Z7[cxZ*�9
16oGN_86TR CA all:支持QE、XW、CC、CP等参数的输出的所有Debug调试信息;
`SqJ+XHN7� pzhQ�nP=3� vpdebug.log-Debug调试日志文件内容举例: 7x�iC�.)}. /�z/�YsnoP 00:34:33.480793[_CE0]|PKT: Got server packet [cmd: 4] from 192.168.1.7:4877 (SSL) using credentials:
P�ERvzL�lt 00:34:33.483892[_CE0]| <no certs in chain>
7�Zd3I�L�{ 00:34:33.486829[_CE0]|Alive - TS12003S:CLIENT_SET:Administrator (退出) (IP)-192.168.1.7
}'u)Ugq`Zx 00:34:33.489767[_CE0]|PKT: DoCOM_ALIVE returning 0x00000000
wfEzMaiICN 00:34:33.492724[_F24]|CheckinThread_0 (0xF24) - TS12003S:CLIENT_SET:Administrator (退出) (IP)-192.168.1.7
hN<�.*|�-f 00:34:33.495803[_F24]|CHECKIN: updating TS12003S_::_24207B23477F37D0702DA3A782BFF086 to Client list
l�E�b�L]Qb 00:34:33.500209[_F24]|UPDATEQ Queue - Adding client TS12003S_::_24207B23477F37D0702DA3A782BFF086 [(IP)-192.168.1.7] to queue
?r1�M0,{*� 00:34:33.991264[_F5C]|UPDATEQ(4) - next non-subnet selected item - TS12003S
T� �p^XN.7 00:34:33.995892[_F5C]|UPDATEQ(4) Client - processing begin TS12003S_::_24207B23477F37D0702DA3A782BFF086
l'c#�>V�F� 00:34:34.000221[_F5C]|PKT: manage connection to (IP)-192.168.1.7 using listening credentials.
�50!�<g#<, 00:34:34.005170[_F5C]|UPDATEQ(4) Client - locked existing check-in connection [(IP)-192.168.1.7:4877] to TS12003S_::_24207B23477F37D0702DA3A782BFF086
L�UEwb���C 00:34:34.014285[_F5C]|UPDATEQ(4) Client - GUID check skipped, he's still connected: TS12003S_::_24207B23477F37D0702DA3A782BFF086.
��<�1{s�0< 00:34:34.039636[_F5C]|PKT: manage connection to (IP)-192.168.1.7 using listening credentials.
�zS3$N>bIW 00:34:34.044204[_F5C]|UPDATEQ(4) Client - requested connection [(IP)-192.168.1.7:4877] close to TS12003S_::_24207B23477F37D0702DA3A782BFF086 (0x00000000).
��Pv~"�$kk 00:34:34.049717[_F5C]|UPDATEQ(4) Client - processing end TS12003S_::_24207B23477F37D0702DA3A782BFF086 - [push: no, task: 1, verified: 1, stream: yes, total msec: 54]
�zw"$X&�|� 00:34:34.054405[_F5C]|UPDATEQ(4) Client - processing end TS12003S_::_24207B23477F37D0702DA3A782BFF086 - [roots: 0x0, lic: 0x0, defs: 0x0, grc: 0x0, scf: 0x0]
�)Bq�yahC� 00:34:34.856599[_F90]|FWD: forward count 0
[ 此贴被sdlin118在2006-10-09 01:12重新编辑 ] 
Posted:2006-10-09 00:34 |
[楼 主]
let me try