Appendix B: Configuration Tabs
72
The Packet Log Tab
Introduction
The Packet Log tab allows you to configure the RealSecure Desktop Protector packet
logging features. When packet logging is enabled, Desktop Protector records all the
network traffic that passes through your system.
Packet logs or evidence logs?
Because they contain a record of all network traffic, packet logs can grow very large and
occupy a lot of disk space. If you do not need to record every packet, evidence logging
may be a better choice. See Collecting Evidence Files on page 52.
Reading packet logs
Packet logs are stored in the Desktop Protector installation directory. If you installed
Desktop Protector in the default location, you can find the packet log files at
C:/Program Files/ISS/BlackICE. Use a trace file decoding application such as Network
Monitor to view the information in these files.
Note: If you upgraded to 3.5 from a previous version of BlackICE, your evidence log files
are still stored in C:\Program Files\Network ICE\BlackICE.
Packet log files are encoded as trace files. You must have a decoding application to
read them. See the Windows NT or Windows 2000 documentation for more information.
Packet Log settings
This table describes the settings on the Packet Log tab:

This setting...             Has this effect...
Logging Enabled             When selected, Desktop Protector captures packet logs.
                            Packet logging is disabled by default.
File Prefix                 Specifies the prefix for the packet log file names. Desktop
                            Protector automatically places an incremental counter in the
                            filename. For example, if you enter ABC, the file names will
                            be ABC0001.enc, ABC0002.enc, etc. The default file prefix
                            is log.
Maximum Size (kilobytes)    Specifies the maximum size, in kilobytes, for each log file.
                            The default value is 2048 kilobytes.
Maximum Number of Files     Specifies the maximum number of log files to generate. The
                            default value for the maximum number of files to log is 10.

Table 21: Packet Log tab settings

For more information about setting your packet logging preferences, see Collecting
Packet Logs on page 54.
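The following is an added example, not part of the Desktop Protector documentation or product. It checks a directory listing of packet log files against the settings in Table 21: file naming, size per file, number of files and the resulting disk budget. The function names, the sample listing and the reading of the counter as decimal digits between the prefix and .enc (inferred from the ABC0001.enc example) are assumptions. The manual does not say what happens once the maximum number of files is reached, so gaps in the counter sequence are only reported, not interpreted.

```python
import os
import re

# Defaults taken from the Packet Log tab settings table.
DEFAULT_PREFIX = "log"
DEFAULT_MAX_KB = 2048
DEFAULT_MAX_FILES = 10


def parse_counter(name, prefix=DEFAULT_PREFIX):
    """Return the counter in a packet log file name, or None if it does not match.

    Assumption: the counter is decimal digits between the prefix and ".enc",
    as in the manual's ABC0001.enc example. Matching ignores case.
    """
    m = re.fullmatch(re.escape(prefix) + r"(\d+)\.enc", name, re.IGNORECASE)
    return int(m.group(1)) if m else None


def audit(entries, prefix=DEFAULT_PREFIX, max_kb=DEFAULT_MAX_KB,
          max_files=DEFAULT_MAX_FILES):
    """Check (name, size_in_bytes) pairs against the configured limits."""
    logs = sorted((parse_counter(n, prefix), n, s) for n, s in entries
                  if parse_counter(n, prefix) is not None)
    counters = [c for c, _, _ in logs]
    expected = set(range(counters[0], counters[-1] + 1)) if counters else set()
    return {
        "files": [n for _, n, _ in logs],
        "total_kb": sum(s for _, _, s in logs) // 1024,
        "budget_kb": max_kb * max_files,          # worst-case disk use
        "oversized": [n for _, n, s in logs if s > max_kb * 1024],
        "too_many": len(logs) > max_files,
        "missing_counters": sorted(expected - set(counters)),
    }


def scan(directory, **limits):
    """Audit the packet logs found in a real directory."""
    entries = [(e.name, e.stat().st_size)
               for e in os.scandir(directory) if e.is_file()]
    return audit(entries, **limits)


# Constructed sample listing (names and sizes are made up for illustration).
SAMPLE = [("log0001.enc", 2048 * 1024), ("log0002.enc", 2048 * 1024),
          ("log0004.enc", 512 * 1024), ("evd0001.enc", 4096), ("readme.txt", 10)]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

With the default settings the budget works out to 20480 kilobytes, which is the figure to compare against free disk space before enabling packet logging.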