Logs Overview

Cortex XSOAR logs information you can use for troubleshooting. log bundles server log elasticsearch log engine log bundle
The Cortex XSOAR logs provide information about events that occur in the system. These logs are a valuable tool in troubleshooting issues that might arise in your Cortex XSOAR environment. The Cortex XSOAR logs are located in
/var/log/demisto/
.
Additional Cortex XSOAR logs are available when you create a log bundle. For information about log bundles, see Create a Log Bundle.
Log
Description
server
The server log is automatically created and maintained by the server. It consists of a list of all activities performed by the server. It is constantly updated. This is the main log to view if there are problems in the system.
To quickly locate error messages, search for
error
in the log. Often, the error messages shown in the log do not indicate a serious problem. Serious errors will appear in the UI as well as in the server log.
elastic
Displays a list of all activities associated with Elasticsearch. The elastic log exists only when a Cortex XSOAR environment uses Elasticsearch. Use the information in this log to troubleshoot Elasticsearch issues.
d1
The d1 log appears when a Cortex XSOAR Engine is running. The d1 log contains information necessary to debug Engine related issue. The log displays Engine related errors, as well as noting if the Engine is connected.
d2
The d2 log appears whenever a Cortex XSOAR Agent is running. The d2.log contains information necessary to debug any Agent related issue. The log displays Agent related errors, as well as noting whether the Agent was correctly installed.

Recommended For You