Cryptshare differentiates between two kinds of logs, the System Log and the Transfer Log.
The transfer log is a representation of the transfer data which is being stored in the database.
The system log is a regular application logging system and logs all system events such as informational messages or system errors. This includes user operations such as uploads and downloads as well. Therefore the system log also contains the same information as the transfer log, however only as a textual log entry.
The contents of each log can be seen at the following locations:
- Transfer Log
- Administration Interface → System Status → Log View → Transfer Log
- System Log
- Administration Interface → System Status → Log View → System Log
- In the lower section of the Administration Interface the most recent log entries are listed
- Log Files in the subdirectory 'log' in the Cryptshare Installation Directory
In general the transfer log keeps all information belonging to a transfer. This includes the following information:
- Transfer Details
- Product used for providing the transfer
- Unique ID for the transfer (Tracking-ID)
- Time and Date when the transfer was provided
- Time and Date when the transfer will expire
- Transfer Content
- Encrypted File Names (File-IDs)
- File Checksums
- File Sizes
- Transfer Options
- Whether files are listed with their original names in email notifications
- Whether the sender will be informed via email after the transfer was provided successfully
- Whether the sender will receive an email notification each time a recipient retrieves one of the files in the transfer
- Sender Information
- Email address of the sender
- IP Address of the sender
- Recipient Information
- Unique ID per recipient (Transfer-ID)
- Email addresses of recipients
- Download Information
- IP addresses of recipients per download
- Time and Date when files have been viewed or downloaded
In addition to the contents of a transfer log listed in the chapter above, further content can be kept in the transfer log if the administrator activates the corresponding option.
Default Setting for Policy Rules
Please note, that these settings are only default settings for new policy rules. In order to activate the settings, they need to be activated in the policy as well.
|Messages and Subjects|
Messages written for the recipient notification are logged including the message subject.
When the message subject is not logged, it won't be saved in the database. This affects the functions "Revoke transfer", the reply links in the download page and "displaying the subject" in the download page.
|Filenames||The original file names will be logged. If the checkbox is not selected only the encrypted file names will be logged.|
The content of zip files will be logged.
Please note that zip content will only be logged if the setting 'Log Filenames' has also been enabled.
Automated deletion of expired log entries
By default Cryptshare keeps all transfer data in the database including the data of expired transfers.
If an administrator wishes to delete transfer information of expired transfers after a certain amount of time this option needs to be activated.
When active an additional input field allows to setup the interval after which expired transfer data will be deleted from the database.
Sending log data to the administrator
The Cryptshare Server can send a log export to the administrators on a regular basis. This feature is disabled by default.
Please note that the log contents will be sent via email and will be sent unencrypted.
The interval of when the log data is sent, can be changed from a minimum interval of one hour up to 2160 hours (90 days).
The period which will be covered by the log export can be changed to two different settings:
- Time period from the last time the log was sent
- Fix period in days
Send as Cryptshare Transfer
Usually the export data will be sent via email to the administrator. This however is unsecure as the email content is not encrypted. Enable the checkbox to send the data as Cryptshare Transfer if you want to receive a Cryptshare Transfer instead. In this case the data can be retrieved like a usual Cryptshare Transfer with the specified password.
Use this configuration page to change the settings for the logging of system events.
Cryptshare uses the software library LogBack to output general system information. LogBack is configured using an XML file, which can be edited below. By default, information is logged simultaneously to the standard output (console) and to the files 'cryptshare.log' and 'cryptshare_error.log'. On a daily basis, or by exceeding the maximum size of 50MB, they are stored as ZIP archive and a new, empty log file is created (log rotation). The number and the total size of all archive files is limited. If neccessary, the oldest archives are deleted.
The following sections describe the basic elements and configurations - more details can be found in the LogBack manual.
General configuration file structure
Basically, the logback configuration file consists of two types of elements: Appenders and Loggers. Appenders are log output channels, they define where logged information is written to - for example to the console output window or a file. Logger elements allow to specify, per application module, the level of detail which will be used for logging.
The default configuration defines three different appenders to handle log information:
- CONSOLE_DEFAULT - Output to the console window (standard out)
- FILE_DEFAULT - Logging of all information using the file 'cryptshare.log'
- FILE_ERROR - Logging of errors using the file 'cryptshare_error.log'
There are a number of other possible appenders for LogBack. Please see the corresponding section of the LogBack manual for more information.
Changing the log level
The log level can be defined in five stages:
- trace - Information about the internal program flow
- debug - Detailed information for error analysis
- info - Common information
- warn - Warnings
- error - Errors
Each of the log levels includes outputs of the 'heavier' log level. In log level 'info', for example, warnings and errors are also logged.
The log level can be specified generally or, if needed, by application module. The general setting can be defined by configuring the so called root logger:
This general setting can be overriden by specific Loggers, which specify the package name. For example, log messages coming from Cryptshare Server are logged with detail level 'info':
Please note that the choice of log level may have a significant impact on the system performance. The levels 'trace' and 'debug' should only be activated when necessary for error analysis.
Adjusting the log archiving
Both Appenders FILE_DEFAULT and FILE_ERROR (see above) are configured to use an automatic archiving with rotation. After a time interval, or after exceeding a certain size limit, the currently active log file 'cryptshare.log' or 'cryptshare_error.log' is moved and stored as ZIP archive. Afterwards, the log file will be created again.
The time interval can be configured using the 'interval' element. Possible values are: year, month, day or hour. For example, the configuration
specifies that a new log file is created every new day or be exceeding 50MB, whichever occurs first.
Additionally it can be specified under which confitions old archives are removed. The element 'maxHistory' specifies the amount, 'totalSizeCap' the maximum total size of all archives. For example:
Regardless of these settings, at least one archive will be kept.