Want help with your product upgrades? Upgrades made easy

How to gather GFI WebMonitor (ISA / TMG version) Troubleshooter Logging

It is recommended that the following instructions be performed when requested by a GFI Technical Support Representative.  If you do not have an open case, please first submit a request at: www.gfi.com/supportform.

Please follow these steps that will provide us the needed information to isolate the issue:

Note: Please follow each of the steps in order and include all of the files requested in order to prevent delays due to requests for additional information
  1. Stop GFI WebMonitor, GFI WebMonitor Core Service and the Microsoft Firewall services
    • NOTE: This will interrupt internet access for users temporarily
  2. Delete all files from the ..\GFI\WebMonitor\DebugLogs directory
  3. Set registry key: HKEY_LOCAL_MACHINE\SOFTWARE\GFI\WebMonitor\debug to 1
    • If a 64 bit platform, the registry key is: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GFI\WebMonitor\debug
  4. Start the services stopped in step 1 
  5. Look in the ..\ Webmonitor\DebugLogs directory until you see that the WebmonPlgLog.txt file is created
  6. Reproduce the problem
    • Take screenshots of the client desktop and clock  (and time of the connections) and the result so we can find it in the logging
    • On the WebMonitor server immediately copy the ..\WebMonitor\DebugLogs directory and paste it into the DebugLogs directory. Tthis is necessary to capture the problem in the logging before the logs overwrite.
  7.  Run the GFI WebMonitor troubleshooter from Start > Programs > GFI WebMonitor > Troubleshooter
    • Note: If the Troubleshooter application appears to "hang" for more than 5 minutes, click Cancel, and copy the ..\GFI\Webmonitor\DebugLogs directory into the ..\GFI\Webmonitor\Support directory and continue with the next step
  8. Go to the installation directory of GFI WebMonitor and zip the ..\Program Files\GFI\Webmoitor\Support folder the Troubleshooter created
  9. Save the following to the ..\Program Files\GFI\Webmonitor\Support folder. Your APPLICATION and SYSTEM event logs in EVT format.
  10. Save the screenshots file with the http links also
  11. Zip up the support folder. Rename the file according to the following format yyyy_mm_dd_<case number>.zip (ex.. 2008_09_12_GFI-12345-67890).
  12. Upload the file to our FTP server:
    1. Login to the FTP server (Note: If you see a page with many files and folders, right-click the page and choose Logon As..., and put in the credentials below)
      • FTP Server details:
        • Host: ftp://ftp.gfisoftware.com
        • User: gfi
        • Pass: gfi911cust
        • If using Internet Explorer use ftp://gfi:gfi911cust@ftp.gfisoftware.com
    2. ​Copy and paste the file into the page
  13. ​Reply to the case email with the exact file name uploaded

Disable debug once you have collected the logging by reversing the steps:
  1. Stop GFI WebMonitor service and GFI Proxy service (This will interrupt internet access for users temporarily)
  2. Set registry key HKEY_LOCAL_MACHINE\SOFTWARE\GFI\WebMonitor\debug to 0. If this is a 64 bit platform, the registry key is: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GFI\WebMonitor\debug.
  3. ​Restart the GFI WebMonitor service and GFI Proxy service