Using the TAC Gateway Tracing Tool (TGT Tool)

This article applies the a standalone TAC Gateway and a TAC Gateway array environment.

The TAC Gateway Tracing Tool (TGT Tool) allows administrators to collect extensive logs from different components of the TAC Gateway.  It is a powerful, flexible tool.  Administrators can run this tool to capture logs for analysis when needed.

TAC Gateway Tracing Tool is located in the following directory of the TAC Server.  Click on TacTacking to open.

C:\Program Files\PortSys\TAC Gateway\Tools

Administrators can run the tool in the background to capture verbose logs of current TAC Gateway operations. If there is a specific issue, the administrator can start tracing and reproduce the problem by producing verbose logs.

 Following are the available trace sources to capture logs.

ActiveSyncSaves ActiveSync processing logs when device control is enabled
ConfigurationConfiguration log writes logs about configuration processing
DataLogWrites TAC Database logging.
DataStoreWrites data store logs about user parameters such as device information and data store operation in AD LDS. Logs about data replication across multiple servers.
EnvironmentWrites general information about the TAC environment or configuration snapshot.
FileAccessWrites information about TAC File Access operation.
GenericWrites core information about TAC operation.
HTTPClientWrites information about communication between TAC gateway and backend servers using HTTP.
HTTPModWrites information about HTTP modification engine. Logs information about cookie filter, header changes, URL translation happening through TAC Gateway.
HTTPServerWrites information about HTTP request processing using TAC’s HTTP Server engine.
HTTPTunnelServerWrites information about SSL tunneling component and Client services component and client server communication such as RDP.
PolicyWrite logs about Access Policy evaluation and processing
PortalWrites events by portal web application such as application access.
ReportWrites logs when generate reports using reporting tool
SafeLoginWrite logs about SafeLogin process
SecurityWrites logs about Authentication and authorization when accessing application
SessionWrites information about sessions in TAC.
Standalone TAC

Do the Following to capture verbose logs for a situation.

  1. To start log capture, launch the tracing tool from the path “C:\Program Files\PortSys\TAC Gateway\Tools”
  2. If you know what type of logs need to enable, select the log level from the TGT Tool window for the respective sources.  Default level is “Info”  
  3. Select “Enable debug details collection” to collect more verbose logs.  It is applicable when Verbose mode is enabled in the “Change all to” field.
  4. Click Apply to start the capture.

The TGT Tool is run in the background to capture logs.  If you want to stop tracing, simply close the tool or click “Reset”.  Closing TGT Tool, AUTOMATICALLY resets the log level to default values.

If you are not sure what sources to collect logs from, enable verbose logs for all sources.  Bear in mind that enabling verbose logs for “DataLog” and “DataStore” sources will consume a lot of disk space.  Therefore it is recommended to keep them at default levels unless otherwise necessary or advised by the PortSys Support team.    

Captured logs are saved under the folder with the name of current configuration ID under “\Env” folder. The full folder path will be “C:\Program Files\PortSys\TAC Gateway\Log\Execution\Env\<Current Configuration ID>” 

Additionally, click on “Open Log Folder” to go to the logs folder.

TAC in Array

In an array environment, the administrator would need to identify which array node is handling sessions during an issue when the traffic is load balanced.  To identify the correct node, an administrator should open the TAC Management Console, go to theTools menu and select Session Monitor.

Session monitor will display what sessions are running on what node.  Locate the server name of the required user session, then go to that array node to start the TGT Tool as explained in Standalone TAC section above. 

Configuring Log stop trigger

The log stop trigger allows administrators to more efficiently capture logs by allowing you to enter a trigger.  Once the log engine catches the triggered text in the log output the tracing will stop. This option is helpful when TAC experiences random errors and we need to catch them over time.

The Log stop trigger can be configured under the Advanced tab of the TGT Tool.

In Advanced tab under “Log stop trigger” section enter “Trigger text” that you want to catch in the log output. Additionally, administrator can set “Trigger count” in number.

Click apply to start the logging.

Trace will send all output to files and will scan that output for the specified text.  Once that text is found (or it is found given number of times, as configured in tracing tool), the trace will reset. Once the “Trigger text” is found or the number of the occurrence of the “Trigger count” is reached, tracing will reset its state to default, hence verbose logging will stop, if it was enabled.

It is important that trace trigger analyzes actual log output.  If logging is not producing any output, the trigger will not find any matches.

Configure Content Log

Contains the actual data of requests and responses sent via Http Server and Http Client modules of TAC. This is like HTTP packet tracing.  It has data of request and response bodies, while by default we log only HTTP headers. This can be activated through the TGT Tool.

Content Logs are saved in “C:\Program Files\PortSys\TAC Gateway\Log\Execution\ContentLog\<Configuration ID>” Folder.

Do the following:

  1. Click “Enable Content Log” in Content Log section under Advanced Tab.
  2. Enter User Filter.  Multiple user logins can be entered by comma separated. If empty, all user logins will be processed.  Unauthenticated sessions processing will be logged under the anonymous folder.
  3. Click Apply to start logging.
  4. Click “Open Content Log” to open the log saved folder. Logs will be saving in a folder with current configuration ID.
  5. To stop logging close the tracing tool.

Important: Content Log data may contain sensitive information. It is advisable to use encrypted connection to transfer logs using public network.

Important:  Click on “Purge Content log” at the end of the troubleshooting session to remove all previously recorded content log (request body details) entries from disk.