Skip to main content

Welcome to our updated site!

Skyhigh Security

Download and Install the Logging Client

Before you install the Logging Client, make sure the following applies:

Only install one instance of the Logging Client on a server, as installing multiple instances on a server can lead to issues when multiple users work with them at the same time to pull log data.

Install the Logging Client

To install the Logging Client, proceed as follows:

  1. Download the Logging Client and unzip the .exe file.

  2. Launch the installer. By default, the Logging Client is installed on your desktop.

  3. Once installed, open the Logging Client and on the configuration page, configure options as explained below.


    • Customer ID —This is the ID that was sent to you in an email when you began using Security Service Edge (SSE) or WGCS if you are using this product together with Trellix ePO. If there is a letter in the ID, do not include it.

    • Service — Choose SSE if you are using Skyhigh Security Service Edge or WGCS if you are using this product together with Trellix ePO.

    • Region — Choose a regional or country code depending on where your data is stored.

      • EU — European Union
      • IN  — India
      • SG — Singapore
      • UE — United Arab Emirates
      • UK — United Kingdom
      • US — United States
    • Name —Type your user name, which is most commonly the email address you use to log on to Secure Web Gateway (SWG).

      Instead of typing your own user name, you can also create an account for a new user who will be the dedicated user for reporting and type this user name here. For information about how to create this account, see Create a new user.

    • Password — Type the password you use to log on to Secure Web Gateway (SWG). If you log on with SAML, you cannot use the Logging Client.
    • API version — Enter the version of the API that downloads the fields you want to log. For more information about the fields each version of the API captures, see Reporting Fields

  4. Choose a method to collect logs, either Save in a folder, which downloads logs to your local system, or Send as Syslogs to have new logs sent to a syslog server.

  5. If you chose Save in a Folder, enter the path. If you chose Send as Syslogs, enter a host and port under Syslog Client Host and Syslog Client for the syslog server. Then choose an option for Transport.

You can also use the buttons at the bottom of the configuration page to complete the following activities.

  • Reset Fields — Resets the values of all fields on the configuration page to their default values.

  • Uninstall Service — Uninstalls the Logging Client.

  • Update Service —Updates the Logging Client with the latest values that you configured for it.

  • Stop Service — Stops the Logging Client.

  • Install Service — Starts the Logging Client.

    Once this has happened, the button changes to read Restart Service. Clicking it then, will restart the Logging Client. After you have stopped the Logging Client, the button will read Start Service. Clicking it then, will restart the Logging Client.

    If you have uninstalled the Logging Client, click this button to reinstall and start it. The button will read Install Service again if this should have changed due to other activities that you completed.
  • Test User — Checks the credentials that were submitted on the configuration page to authenticate a user.

Download the Logging Client

Click the link below to download the Logging Client to your Windows computer. Review also the legal information that is provided here.

Logging Client 2.0.1

Legal Information

The customer acknowledges that the Software is subject to the U.S. and when applicable, European Union export regulations. Customer shall comply with applicable export and import laws and regulations for the jurisdiction in which the Software will be imported and/or exported. Customer shall not export the Software to any individual, entity, or country prohibited by applicable law or regulation. Customer is responsible, at the Customer’s own expense, for any local government permits, licenses, or approvals required for importing and/or exporting the Software.

For additional information regarding exporting and importing the Software, review the “US Export Compliance” regulations. Skyhigh Security reserves the right to update this website from time to time at its sole discretion. If Skyhigh Security receives notice that Customer is or becomes identified as a sanctioned or restricted party under applicable law, then Skyhigh Security will not be obligated to perform any of its obligations under this license if such performance would result in violation of the sanctions or restrictions.

Upgrade the Logging Client

We recommend a fresh installation of the Logging Client rather than upgrading. Do the following to upgrade the existing Logging Client installed on your system: 

  1. Launch the existing Logging Client.

  2. Click Uninstall Service (if the Logging Client is already running on your system).

  3. Go to Control Panel and uninstall the Logging Client.

  4. Delete the logging_client folder from  C: \Users\<username>\AppData\Local.

  5. Delete the logging-client folder from  C: \Users\<username>\AppData\Roaming.

  6. Download the latest version of the Logging Client.

  7. Launch the installer.

Installation Logs 

Handle installation logs as follows:

  • To view the installation logs of the log pulling tool, go to this directory: /Users/<user name>/AppData/Local/logging_client.

  • The debug logs are available under ...\Users\<user name>\AppData\Local\logging_client\app-<version number>\logs.

  • For process.log and syslog-service.log: The size of these log files can reach up to 3 MB. Once it reaches this limit, a file is backed up for reference.

  • For log-service.log: The size of this log file can reach up to 10 MB. Once it reaches this limit, the file is backed up for reference.

  • The backup file number limit is 10 for the process.log and syslog-service.log files. It is 100 for the log-service.log file.

  • Configuration files that store the timestamp and queuing information are moved to SQLite.

  • The name of the database file is configuration.db. It is available under ...\Users\<user name>\AppData\Local\logging_client\app-<version number>.

IMPORTANT: Do not use the db file while logging is in process.

Registry Keys

To get the registry keys, navigate to these directories:

  • \HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client
  • \HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Services\loggingclientservice.exe

For example: \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\loggingclientservice.exe

  • \HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Services\EventLog\Application\loggingclientservice.exe
  • \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\loggingclientservice.exe
  • \HKEY_USERS\<user-profile-id>\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client

For example: \HKEY_USERS\S-1-5-21-2769216039-789830313-2455568129-162233\Software\Microsoft\Windows\CurrentVersion\Uninstall\logging_client

Add a System Proxy for Windows

Complete the following steps to add a proxy to your Windows system.

  1. Install the Logging Client.

  2. Open the settings.json file from your system. You can find the file in this path: C:\Users\<user name>\AppData\Local\logging_client\app-<version number>\resources\app\lib\assets\config.

  3. Add host name and port in the settings.json file.
    "proxy": {
        "host": "Add proxy hostname here",
        "port": "Add proxy port here"

For Example:
    "proxy": {
        "host": "",
        "port": "9090"
  1. Save your settings.json file.

  2. Open the Logging Client.

    As a result, the Logging Client connects usng the configured system proxy.

 If the Logging Client is already running on your Windows system, complete these steps:

 1. Click Uninstall Service on the Logging Client.

 2. Close the Logging Client.

 3. Add a proxy as mentioned above in steps 2 to 4.

 4. Open the Logging Client.

     As a result, the Logging Client connects using the configured system proxy.

  • Was this article helpful?