Dr.Web Operation Logging

You can enable detailed logging for one or several Dr.Web components or services.

2.Select components, modules or services for which you would like to enable detailed logging. By default, the standard logging mode is enabled for all the Dr.Web components and the following information is logged:

Component	Information
SpIDer Agent	Time of updates and SpIDer Agent starts and stops, virus events, connections to central protection server, license events, Dr.Web component status, settings management (import, export), error notifications, and system reboot notifications. It is recommended to use this mode to get detailed information about the sources of errors in the program operation.
SpIDer Guard	Time of updates and SpIDer Guard starts and stops, virus events, data on scanned files, names of packers, and content of scanned complex objects (archives, email attachments, file containers). It is recommended that you use this mode to determine the most frequent objects scanned by SpIDer Guard file monitor. If necessary, add these objects to the list of exclusions in order to increase computer performance.
SpIDer Mail	Time of updates and the mail anti-virus SpIDer Mail starts and stops, virus events, connection interception settings, data on scanned files, names of packers, and content of scanned archives. It is recommended that you use this mode when testing mail interception settings.
SpIDer Gate	Time of updates, starts and stops of SpIDer Gate, virus events, connection interception settings, names of scanned files, names of packers, and contents of scanned archives. It is recommended that you use this mode for reception of more detailed information on the checked objects and work of the internet monitor.
Scanner	Updates of scanning modules and virus database information, time of Scanner starts and stops, information on detected threats, names of packers, and content of scanned archives.
Firewall	Information and decisions on requests coming to the service, information on unknown connections with reasons for the request, and information on errors. When you enable detailed logging, the component collects data on network packets (pcap logs).
Dr.Web Update	List of updated Dr.Web files and their download status, date and time of updates, and details on auxiliary script execution and Dr.Web component restart.
Dr.Web Service	Information on Dr.Web components, changes in their settings, component starts and stops, preventive protection events, connections to central protection server.

The Create memory dumps at scan errors option allows you to save useful information on operation of several Dr.Web components. This helps Doctor Web technical support specialists analyze an occurred problem in detail and find a solution. We recommend enabling this option on request of Doctor Web technical support specialists or when errors of scanning or neutralizing occur. Memory dump is saved to .dmp file located in the %PROGRAMFILES%\Common Files\Doctor Web\Scanning Engine\ folder.

1.To enable detailed logging for a Dr.Web component, select the corresponding check box.

Log settings cannot be adjusted if the administrator of the central protection server to which Dr.Web is connected blocks this option.

Size of a log file is restricted to 10 MB by default (and 100 MB for SpIDer Guard). If the log file size exceeds the limit, the content is reduced to:

•Specified size if the current session information does not exceed the limit.

•Size of the current session if the session information exceeds the limit.