We put a lot of effort into making uberAgent a product that just works. Install it on your endpoints, point it to your Splunk backend and the dashboards immediately populate with these great metrics. That is just the way any (enterprise) software should work.
Sometimes, however, you might get to a point where you want to dig deeper and need more information about the product’s inner workings. In such a case, of course, uberAgent’s log files are your first stop.
Finding The Cause More Easily
uberAgent logs all of its actions and a great number of relevant system events (e.g., process starts, or logons). That gives you the opportunity to easily identify the root causes of problems (side note: those are most often caused by configuration issues that are typically very easy to spot in the log file).
Even though we take great care to optimize the log for readability it is sometimes hard to find the needle in the haystack. That is why we created an uberAgent log syntax highlighter for Notepad++, our preferred text editor on Windows. It highlights the key information, making it easier to find what you are searching for.
Installing The Highlighter
- Download the highlighter and unpack it.
- Open Notepad++ and go to Language -> Define your language…
- Click on Import… and select the unpacked XML file.
- Restart Notepad++
- The uberAgent Log Syntax highlighter is now available as a language in Notepad++
Using The Highlighter
The new language does the following things:
- It highlights the different severities in different colors
- DEBUG = blue
- INFO = green
- WARNING = yellow
- ERROR = red
- It colors the separators comma and equal in grey
- It highlights values enclosed in <> in red-brown
This should make troubleshooting with uberAgent’s log file a lot more convenient. Enjoy!