Log Overview

Sandfly keeps track of almost everything it does in relation to scanning your hosts. The logs here reflect at a high level what is going on with Sandfly. There are two main logs:

• Audit Logs
• Scan Error Logs

These logs are described in detail below.

Audit Logs

Audit logs contain all the information about the operations Sandfly is performing. Examples include:

1. User login/logout
2. Scans initiated
3. Scheduled scans that have run
4. Hosts added or deleted
5. Results added or deleted
6. Credentials management operations
7. Other system operations

The audit log also contains information on failed operations such as scheduled scans, node status failures and related data.

Scan Error Logs

Scan error logs contain high-level system level errors. These are errors that happened during the running of Sandfly and are different than individual sandfly errors described under the Results section. Errors at the high-level are often intermittent and caused by network issues or perhaps problems on the remote host unrelated to Sandfly. Examples of high-level system errors can include:

1. Host timeout
2. Remote host errors
3. SSH login and authentication errors
4. Server and database errors

It is rare that a system level error is fatal. Normally Sandfly will simply log what happened and carry on. If you see the same error happening repeatedly though, you can contact us for more help diagnosing the problem.