This article explains how to increase the log level of the TIE Server to help with debugging ATD-related issues such as:
- Determining whether files are being sent to ATD
- Determining which files were sent to ATD for checking
You can find information about the files that are sent to ATD on the TIE Server at
/var/McAfee/tieserver/logs/tieserver.log.
To increase the verbosity of the ATD logging:
TIE 2.1.x and earlier:
- Use a text editor to uncomment the following lines in /opt/McAfee/tieserver/conf/log4j.properties:
#log4j.logger.com.mcafee.jti.server.service.atd=trace, file
#log4j.additivity.com.mcafee.jti.server.service.atd=false
- Use the following command to restart the TIE Server service:
service tieserver restart
TIE 2.2.0 and later:
- Log on to the ePolicy Orchestrator console.
- Select the Policy Catalog.
- Select McAfee Threat Intelligence Server Management.
- Select and click edit on the policy associated with the given TIE Server.
- Select Server Configuration.
- Change the Log Level to INFO from the drop-down control.
- Save the policy.
- Perform a Wake Up Agent on the TIE Server for the policy to take effect. Enable Force Policy Update.