Skip to main content
Skyhigh Security

Download and Install the Logging Client

The Logging Client handles log collection on your Windows system.

Before you install the Logging Client, be sure the following applies:

Install the Logging Client

To install the Logging Client:

  1. Download the client and unzip the .exe file.

  2. Launch the installer. By default, the client is installed on your desktop.

  3. Once installed, open the client and on the configuration page, set options as follows.

    logging_client.png
     
    • Customer ID. This is your org-level ID number that was sent to you in an email when you began using Skyhigh Security Service Edge (SSE) or WGCS if you are using this product together with Trellix ePO. If there is a letter in the ID, do not include it.
    • Service. Choose SSE if you are using Skyhigh Security Service Edge. Choose WGCS if you are using this product together with Trellix ePO.
    • Region. Choose a regional or country code depending on where your data is stored.
      • EU — European Union
      • IN  — India
      • SG — Singapore
      • UE — United Arab Emirates
      • UK — United Kingdom
      • US — United States
    • Name. Type your user name, which is most commonly the email address you use to log on to Skyhigh CASB or Secure Web Gateway (SWG).

      Instead of typing your own user name, you can also create an account for a new user who will be the dedicated user for reporting and type this user name here. For information about how to create this account, see Create a new user.
       
    • Password. Type the password you use to log on to Skyhigh CASB or SWG. If you log on to Skyhigh CASB with SAML, you cannot use the client.
    • API version. Enter the version of the API that downloads the fields you want to log. For more information about the fields each version of the API captures, see Reporting Fields
    • Scheduling interval. Set the number of minutes you want to have your logs crawled for new entries. Set the interval to at least 2 minutes because otherwise a call to the database will not pull any data, but lead to performance issues.

     4. Choose a method to collect logs, either Save in a folder, which downloads logs to your local system, or Send as Syslogs to have new
          logs sent to a syslog server.

     5. If you chose Save in a Folder, enter the path. If you chose Send as Syslogs, enter the Syslog Client Host and Syslog Client Port for the
         syslog server. Then choose an option for Transport.

You can also use the buttons at the bottom of the configuration page to complete activities as follows.

  • Reset Fields. Resets the values of all fields on the configuration page to their default values.
  • Uninstall Service. Uninstalls the Logging Client.
  • Update Service. Updates the Logging Client with the latest values that you configured for it.
  • Stop Service. Stops the Logging Client.
  • Install Service. Starts the Logging Client. Once this has happened, the button changes to read Restart Service. Clicking it then, will restart the Logging Client. After you have stopped the Logging Client, the button will read Start Service. Clicking it then, will restart the Logging Client.

    If you have uninstalled the Logging Client, click this button to reinstall and start it. The button will read Install Service again if this should have changed due to other activities that you completed.
     
  • Test User. Checks the credentials that were submitted on the configuration page to authenticate a user.

 

Download the Logging Client

Click the link below to download the Logging Client to your Windows computer. Review also the legal information that is provided here.

 


Logging Client 1.0.6


 


The customer acknowledges that the Software is subject to the U.S. and when applicable, European Union export regulations. Customer shall comply with applicable export and import laws and regulations for the jurisdiction in which the Software will be imported and/or exported. Customer shall not export the Software to any individual, entity, or country prohibited by applicable law or regulation. Customer is responsible, at the Customer’s own expense, for any local government permits, licenses, or approvals required for importing and/or exporting the Software.

For additional information regarding exporting and importing the Software, review the “US Export Compliance” regulations. Skyhigh Security reserves the right to update this website from time to time at its sole discretion. If Skyhigh Security receives notice that Customer is or becomes identified as a sanctioned or restricted party under applicable law, then Skyhigh Security will not be obligated to perform any of its obligations under this license if such performance would result in violation of the sanctions or restrictions.

Installation Logs 

  • To view the installation logs of the log pulling tool, go to this directory: /Users/<user name>/AppData/Local/logging_client
  • To change the region under Secure Web Gateway and Skyhigh SSE, go to this directory:
    Users/<user name>/AppData/Local/logging_client/app<version number>/resources/app/lib/assets/config

NOTE: It is effective only when you uninstall and restart the log pulling service. 

  • The debug logs are available under ...\Users\<user name>\AppData\Local\logging_client\app-<version number>\logs
  • The size of the logs files can reach up to 3 MB. Once it reaches the limit, the file is backed up for reference.
  • The backup file number limit is 10 for the log-service.log and syslog-service.log. It is 5 for the process.log.
  • Configuration files that store the timestamp and queuing information are moved to SQLite.
  • The database file is configuration.db, available under ...\Users\<user name>\AppData\Local\logging_client\app-<version number>.

IMPORTANT: Do not use the db file while logging is in process.

Registry Keys

To get the registry keys, navigate to these directories:

  • \HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client
  • \HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Services\loggingclientservice.exe

For example: \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\loggingclientservice.exe

  • \HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Services\EventLog\Application\loggingclientservice.exe
  • \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\loggingclientservice.exe
  • \HKEY_USERS\<user-profile-id>\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client

For example: \HKEY_USERS\S-1-5-21-2769216039-789830313-2455568129-162233\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client

Add a System Proxy for Windows

Complete the following steps to add a proxy to your Windows system.

  1. Install the Logging Client.

  2. Open settings.json file from your system. You can find the file in the path: C:\Users\<user name>\AppData\Local\logging_client\app-<version number>\resources\app\lib\assets\config.

  3. Add host name and port in the settings.json file.
{
    "proxy": {
        "host": "Add proxy hostname here",
        "port": "Add proxy port here"
    }
}

For Example:
{
    "proxy": {
        "host": "webgateway.itm.company.com",
        "port": "9090"
    }
}
  1. Save your settings.json file.

  2. Open the Logging Client.

    As a result, the Logging Client connects via the configured system proxy.


 If the Logging Client is already running on your Windows system, complete these steps:

 1. Click Uninstall Service on the Logging Client.

 2. Close the Logging Client.

 3. Add a proxy as mentioned above in steps 2 to 4.

 4. Open the Logging Client.

     As a result, the Logging Client connects via the configured system proxy.

  • Was this article helpful?