CP R71 Endpoint Security License Server Admin Guide

Check Point Endpoint SecurityLicense Server and Reporting Tool Administration Guide

Version R71

December 21, 2008

© 2003-2008 Check Point Software Technologies Ltd.

All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

RESTRICTED RIGHTS LEGEND:

Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19.

TRADEMARKS:

Please refer to http://www.checkpoint.com/copyright.html for a list of our trademarks.

For third party notices, see: http://www.checkpoint.com/3rd_party_copyright.html.

http://www.checkpoint.com/copyright.html

http://www.checkpoint.com/3rd_party_copyright.html

Table of Contents 5

Contents

Preface Introduction ................................................................................................ 7Who Should Read This Guide? ...................................................................... 7Summary of Contents ................................................................................... 8Contact Information ..................................................................................... 8Feedback .................................................................................................... 8

Chapter 1 Overview Introducing the License Server ...................................................................... 9

Licensing Files ..................................................................................... 10License Pools ....................................................................................... 11Shared Network Folder .......................................................................... 11Service Account.................................................................................... 12

Reporting Tool........................................................................................... 12Deployment Process................................................................................... 13System Requirements ................................................................................ 15

Chapter 2 Installing License Server Running the Installation Wizard .................................................................. 18Initial Server Configuration ......................................................................... 20Adding License Files .................................................................................. 21Completing the Installation......................................................................... 22Upgrading the License Server ..................................................................... 24

Chapter 3 Using License Server Working with the License Server.................................................................. 25

Working With Licenses .......................................................................... 26Working with Shared Network Folders ..................................................... 33Changing the License Server Password.................................................... 33

Command Line Tasks ................................................................................. 34Command Line Summary....................................................................... 34Displaying License Information .............................................................. 35Deactivating an Endpoint Client License ................................................. 36Offline License Activation ...................................................................... 36

Event Logging............................................................................................ 37Changing the License IP Address ................................................................ 38Stopping the License Server Service ............................................................ 40

Chapter 4 Reporting Tool Overview ................................................................................................... 41Before Using the Reporting Tool.................................................................. 42

Full Disk Encryption Status Files ............................................................ 42

6

Encrypted Log Files .............................................................................. 43Report File Locations ............................................................................ 43Shared Folder Permissions..................................................................... 43Firefox Settings .................................................................................... 43

Executing The Reporting Tool ..................................................................... 44Command Reference.................................................................................. 44Examples .................................................................................................. 45

7

PrefacePreface

In This Chapter

IntroductionThis document contains information regarding installation and use of the Check Point License Server and Reporting tool. For information regarding installation and use of specific Endpoint Security Client components, refer to their respective Administration or Client guides.

Who Should Read This Guide?This guide is intended for use by system administrators working with License Server. As a License Server administrator, you should be familiar with your organization network infrastructure, security requirements and operating procedures.

Introduction page 7

Who Should Read This Guide? page 7

Summary of Contents page 8

Contact Information page 8

Feedback page 8

Summary of Contents

8

Summary of ContentsThis guide contains the following material:

Contact InformationIf you require information on other security Check Point products or services, or if you encounter problems with License Server, please visit our web site or call us.

FeedbackCheck Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments to:

[email protected]

TABLE 0-1

Chapter Description

Overview Introduces License Server and presents an overview of the deployment process.

Installing License Server Describes the process of installing License Server.

Using License Server Describes how to perform license management tasks using License Server.

Reporting Tool Introduces the Reporting Tool utility and presents procedures for using it.

TABLE P-1 Contact information

Area Technical Support Sales

Telephone: The Americas 972-444-6600 1-800-429-4391

Elsewhere +972-3-6115100

Web site: www.checkpoint.com

http://www.checkpoint.com

mailto:[email protected]?subject=Check Point User Guide feedback

9

Chapter 1Overview

In This Chapter

Introducing the License ServerThe Endpoint Security License Server and Reporting Tool provides administrators with tools to manage Endpoint Security licenses on client computers. The License Server monitors and manages installed, activated and available licenses. Administrators can use license pools to reserve licenses for specific groups of endpoint clients.

The current License Server version provides limited license enforcement functionality. Administrators are responsible for ensuring that sufficient licenses are purchased and assigned to clients.

Introducing the License Server page 9

Reporting Tool page 12

Deployment Process page 13

System Requirements page 15

Note - License Server does not work with legacy Pointsec licenses or evaluation licenses.

Licensing Files

10

The License Server performs the following tasks:

• Maintains pools of licenses that are available and/or assigned to clients

• Receives requests from clients to activate or deactivate licenses

• Provides tools for other license management tasks

Endpoint Security clients interact with the License Server as follows:

• Requests license activation from the License Server

• Notifies users of license status

• Requests license deactivation or client decommissioning when requested

In order for the License Server to activate a license for a particular client, the corresponding license must either be installed on that client (Full Disk Encryption) or associated with the server that manages that client (Secure Access and Media Encryption). When a client activates a license from the License Server, it is assigned exclusively to that client and becomes unavailable to other clients.

Endpoint Security clients do not communicate directly with the License Server. Data is passed between clients and the License Server by means of data temporarily stored in shared network folders.

Administrators manage licenses and keep track of license activations by using either a GUI or a command line interface. Refer to Chapter 3, “Using License Server” on page 25 for details.

Licensing FilesCustomers obtain Endpoint Security license files from the Check Point User Center. Each license file contains the following components:

• A Certificate key that uniquely identifies each license file and protects it against tampering

• A specified quantity of endpoint licenses (seats) - each endpoint computer requires one endpoint license

• Definition of the specific Endpoint Security Client features enabled by this license

• License Server IP address

License Pools

Chapter 1 Overview 11

License PoolsA license pool contains one or more endpoint license files available for assignment to a specific group of endpoint clients. If a license pool does not contain any available endpoint licenses, the administrator must purchase additional licenses and add them to the pool or transfer an existing license file from another pool.

Upon installation, the License Server creates one pool, known as the global pool. When using a single pool in a given environment, all endpoint licenses reside n the global pool. You can define multiple license pools on a License Server to contain licenses available only to specific groups of endpoint clients. For example, individual departments, teams or branch offices can use their own license pools.

Administrators assign names to each new license pool. When multiple license pools are in use, each client is assigned to a specific named pool by its profile or by the server managing that client. If the pool to which a client is assigned does not exist, licenses, if available, are allocated from the global (default) pool. Likewise, if there are no available licenses in the assigned pool, licenses are allocated from the global pool.

For example, if a client requests a Full Disk Encryption license, the License Server first looks for an available license in the pool name that corresponds to the ‘Company Name’ in the profile. It this pool does not exist or does not contain any available licenses, the License Server server looks for available licenses in the global pool. If there are no available licenses in the global pool, the License Server cannot assign a license and returns an error.

Shared Network FolderThe License Server communicates with endpoint clients via a shared network folder located on the License Server computer. Permissions and network connectivity must be configured to allow access to the shared network folder by the License Server itself and all endpoint client computers served by that License Server.

You can define multiple shared network folders to support different networks, subnets and permissions as required.

Service Account

12

Service AccountThe Service Account is a designated Windows user having access permission to shared network folders and permission to run the License Service service. You define the service account and password during the License Server installation process and may be changed by an authorized administrator using the Windows user definition process.

Reporting ToolThe Reporting Tool is a command line utility that summarizes and presents information regarding Full Disk Encryption client status, including encryption, licenses and logged events. Reports are saved as XML files and, by default, automatically displayed in a web browser. The Reporting Tool can create the following reports:

• Summary and detailed reports of client encryption status

• Reports showing client license usage and status

• Reports showing events gathered from client logs

Deployment Process


Deployment ProcessThe following table presents an overview of the process of deploying Endpoint Security using the License Server.

Table 1-1 Deployment process

Step Description

1 Make an inventory of your network layout and clients to determine:

• How many endpoint licenses are required• How many license servers are required

• How many endpoint licenses each server will manage• Where the license server(s) will be deployed• How many license pools are required

• Location and permissions for access to shared network folders

2 Create the shared network folders and configure your network and firewall so that all endpoint computers can access them.

3 Acquire Check Point license file(s) that match your network set-up as determined in Step 1.

4 Install the License Server(s).

Deployment Process

14

See the appropriate feature Administration Guide for information regarding client installation, creating installation profiles, and deploying Endpoint Security to clients.

5 Install Endpoint Security servers as required to support Endpoint Security Client features deployed on your client computers. Make certain that you purchase the appropriate licenses for these servers.

The following list shows which servers are required for each of the available features:

• Full Disk Encryption: Full Disk Encryption master installation

• Port Protection: Media Encryption Server

• Media Encryption: Media Encryption Server

• Firewall: Secure Access Server

• Anti-Malware: Secure Access Server

• VPN Client: Secure Access Server

For installation instructions for these servers, please refer to the relevant product documentation.

6 Install Endpoint Security Client on client computers.

7 Activate the license. Activation typically occurs automatically following installation. If automatic activation is unsuccessful, activate the license manually offline.

Table 1-1 Deployment process

Step Description

System Requirements


System RequirementsThe following table presents the minimum hardware and operating system requirements for the License Server.

Table 1-2 License Server system requirements

Item Description

CPU Pentium III 450 MHz

Disk Space 300 MB

RAM 512 MB

Network Interface 1

Operating System Microsoft Windows XP Professional (SP2)Windows Server 2003

System Requirements

16

17

Chapter 2Installing License Server

In This Chapter

This chapter provides detailed instructions for installing initially configuring the License Server.

Running the Installation Wizard page 18

Initial Server Configuration page 20

Adding License Files page 21

Completing the Installation page 22

Running the Installation Wizard

18

Running the Installation WizardTo install the License Server, perform the following steps:

1. From the Endpoint Security Deployment Utility installation CD, run LicenseServer.exe, located in the \FullDiskEncryption\LicenseServer\ folder. The Welcome window opens.

Click Next to continue.

2. Click Next. to accept the license agreement.

3. Click Next to install the License Server at the default destination or click Browse to select a different folder.

Running the Installation Wizard

Chapter 2 Installing License Server 19

4. Select the features that you wish to install. Both Endpoint Security License Server and Endpoint Security Reporting Tool are selected by default.

Initial Server Configuration

20

Initial Server ConfigurationContinue with Installation Wizard windows to perform the initial server configuration.

1. In the License Server Password Settings window, enter and confirm the License Server password.

2. In the License Server Shared Folders window, Click Add, and then browse to a the shared network folders used to share data with Endpoint Security Client computers. Repeat this step for each shared folder you wish to define.

Note - Mapped drives are not supported as shared network folders. Use either UNC path names or local paths.

Adding License Files


Adding License FilesYou can optionally add Endpoint Security License Server files to a license pool at this point. If you do not wish to do so at this time, click Close to continue. For more details regard the procedure for adding a license, refer to “Working With Licenses” on page 26

To add a license from a file:

1. In the License Configuration window, click Fetch License from File.

2. In the Add License window, enter the fully qualified path or navigate to the appropriate license file.

3. Click OK. Repeat this step for each license you wish to add. Click Close in the License Configuration window to continue.

You can also add licenses by cutting and pasting the license string contained in the email you received from the User Center. Refer to “Working With Licenses” on page 26 for details.

Completing the Installation

22

Completing the InstallationThis section describes the final steps of the installation process.

1. In the License Server Service Account dialog box, enter the user account name, user password, and password confirmation in the designated fields. This user account must have full access to the shared network folders and permissions to run the License Server service.

Specify the user account in one of the following formats:

– Domain\User or Domain users: Domain\user or user@domain

– Local or workgroup users: Computer name\user

Completing the Installation


2. When the Wizard Complete window opens, click Yes, I want to restart my computer now and then Finish.

After you install the License Server, configure the client to communicate with it. Refer to the appropriate Administrator’s Guides for instructions.

Upgrading the License Server

24

Upgrading the License ServerThis section describes the upgrade procedure for the License Server. The upgrade process requires using two computers: the existing License Server platform and an another computer with identical capabilities to serve as the upgrade target.

The upgrade process involves creating a fresh installation of the current License server version on the target computer and then importing the configuration and database from the existing platform. This process ensures uninterrupted service to all endpoint clients.

To perform an upgrade:

1. Install the latest version of the License Server on the target computer as described in “Running the Installation Wizard” on page 18. Do not reboot the target computer once the installation is complete.

2. Copy DataBase and config.exe from the <Installation Folder>\bin folder on the existing License Server computer to the same location on the target computer.

3. Copy shared.dir from the <Installation Folder>\conf folder on the existing License Server computer to the same location on the target computer.

4. Reboot the target computer.

5. Run the License Server Utility (licServerUtil.exe) and verify that your configuration settings and database have been successfully migrated.

25

Chapter 3Using License Server

In This Chapter

Working with the License Server You can use the Endpoint Security License Server graphical interface to perform most of the basic license management tasks. Other features are available only by using the command line interface.

The License Server comes with four stand-alone utilities that allow you to work with License Server operations:

• License Configuration: Add, Remove or Move license files to another license pool

• Password Configuration: Change the License Server password

• Shared Folder Configuration: Add or change shared network folders

• License Server Utility: Work with the command line interface

To use the License Server utilities, click Start > All Programs > Check Point > Endpoint Security License Server. Select the desired utility from the menu.

Working with the License Server page 25

Command Line Tasks page 34

Event Logging page 37

Working With Licenses

26

Working With LicensesThis section presents procedures for using the License Server utilities to manage license files and endpoint client licenses.

Adding a License File from a FileTo add a new license file from a file:

1. Run the License Configuration utility.

2. In the License Configuration window, click Fetch License from file.

3. In the Add License window, enter the fully qualified path or navigate to the appropriate license file.

Click Change License Pool to change the license pool and/or create a new license pool.


Chapter 3 Using License Server 27

4. The new license file appears in the License Configuration window.

5. Repeat the preceding steps if you wish to add more license files.


28

Adding a License Using Copy and PasteYou can also add a license by copying the license string from the email received from the Support Center into the License Server.

To add a license using copy and paste:


2. In the License Configuration window, click Add License.

3. Copy the license string from the email that you received from the Support Center, as indicated below. Make certain that you copy the entire license string, even if it extends over more than one line.



4. In the Add License window, click Paste License. You can also manually type license information in the designated fields.

5. Click Calculate to calculate and display the validation code. Compare this with the validation code that appears in your email.

6. Click OK to confirm and add the license.


30

Removing a License FileIf you wish to remove a license file you must first deactivate all licenses currently assigned to endpoint clients. Refer to “Deactivating an Endpoint Client License” on page 36 for instructions.

To remove a license file:

1. Deactivate all assigned endpoint client licenses.


3. In the License Configuration window, select the desired license file and then click Remove License.

4. Click Yes to confirm.

Warning - If any licenses from the selected license file remain assigned to endpoint clients, an error message appears. If you choose to proceed, the License Server will automatically deactivate all such licenses, effectively “decommissioning” those endpoint clients.



Moving a License File to Another PoolYou can move a license file to another license pool at any time. This action has no effect on licenses currently assigned to endpoint clients.

To move a license file to another pool:

1. In the License Configuration window, select the desired license file and then click Change License Pool.

2. Click Yes to confirm that you wish to move this license file to a different pool.


32

3. In the Change License Pool window, select the pool to which you wish to move the license file and click OK.

a. If you wish to create a new license pool at this time, click New. Enter the name of the new license pool in the designated field.

b. The license file now appears in the new license pool.

Working with Shared Network Folders


Working with Shared Network FoldersTo work with shared network folders:

1. Run the Shared Network Folder Configuration utility.

2. In the License Shared Folders window,

Changing the License Server PasswordTo change the license server password:

Run the Password Configuration utility. In the Password Settings window, enter and confirm the new password,.

Note - Mapped drives are not supported as shared network folders. Use either UNC path names or local paths.

Command Line Tasks

34

Command Line TasksYou can use to the command line interface to view the status of licenses, pools and clients. Additionally, the you must use the command line to deactivate licenses and to perform offline license activation.

To access the command line:

Click Start > All Programs > Check Point > Endpoint Security License Server > License Server Utility.

A license status summary appears showing shared folders and general license information.

Command Line SummaryThe following table shows the available commands and their syntax:

Task Command

info info <option> [-d detailed] [-ck <certificate key>] [-pool <license pool> | all] [-f <FQDN>] [-g <GUID>] [-r html report [-s]] [-t truncated] [-o <outputfile>][-h help]

Options:-l Display License Information-c Display Clients Information-decom Display deactivated licneses

decom decom (-g <GUID> | -f <FQDN>) [-pool <license pool>] [-h help]

offline offline -r <request challenge> -f <FQDN> [-pool <license pool>] [-h help]

Displaying License Information


Displaying License InformationYou use the info command to display information regarding licenses, licensed clients and deactivated clients. You can display information either in the command window or graphically in a web browser. Additionally, you have the option of saving the information in a text file.

The following table presents the available arguments and options.Figure 3-1 Info command parameters

You can use only one filter argument (-ck, -f, -g) in any command.

Example: Viewing status of installed Licenses by certificate key

Info –l -d -ck CF7550EF8C05 -pool MyNewPool -r displays a detailed license file for a specific certificate key in MyNewPool in a web browser.

Example: Viewing status of all installed clients to a text file

Info –c -pool all -o client_report.txt creates a text file containing basic information for all installed clients.

Argument Description

-l Returns license information

-c Returns client information

-decom Returns deactivated clients

-d Creates a detailed report

-ck <certificate key> Returns only the specified certificate key

-pool [pool name] or

[all]

Returns only results from the specified license pool. The all argument results from all pools. If you do not specify a pool name, results from the global pool appear.

-f Display only the specified client FDQN

-g Display only the specified GUID

-r {-s} Create and save an html file and display it in a web browsers. The optional -s argument saves the html file without displaying in the browser.

Files are saved in the /WebData/Reports subdirectory.

-t Display detailed report with truncated columns to fit in an 80 character command line window)

-o <output file> Create report as text file to the specified file name

Deactivating an Endpoint Client License

36

Deactivating an Endpoint Client LicenseWhen uninstalling Endpoint Security Client, the client typically notifies the License Server. The license should automatically be released and returned to the pool as an available license.

If a license is not released automatically, either because the uninstall process failed to complete properly or because the client computer could not communicate with the License Server, it is necessary to deactivate it manually. You may also wish to manually deactivate a license for an endpoint client that is temporarily out of service to free up the license.

To manually deactivate a license:

1. Open the License Server Utility window.

2. Enter the decom command using the following syntax:

decom (-g <GUID> | -f <FQDN>) [-pool <license pool>] [-h help]

a. Enter values for either the GUID or FDQN for the client.

b. Enter the optional license pool argument (-pool) if desired. The global pool is assumed if no argument is provided.

Offline License ActivationIf the Endpoint Security client cannot access the licensed server, or fails to receive a response from the license server, you will need to activate the license offline. If, after 15 minutes, the client does not receive a response from the License Server, an error message appears, instruction the user to contact the administrator.

To activate a client license offline:

1. The client user contacts the License Server administrator, providing the following information:

– Fully qualified domain name (FQDN)

– Request challenge as displayed by the client

2. Use the offline command to generate a response code using the syntax:

offline -r <request challenge> -f <FQDN> [-pool <license pool>] [-h help]

If the pool argument is not supplied, the global pool is assumed.

3. Send the response code to the client user.

Event Logging


Event Logging License Server provides a basic set of logging and auditing features. The following events are recorded in the LicSerLog.log file located in the Log subfolder of License Server

• Adding/removing license file

• Adding/removing Shared folder

• Changing the password

• Activating a client

• Deactivating a client

• Offline activation

The following License Server events are recorded in the client side log file:

Event Description

EVID_LICENSE_INVALID An invalid license was detected.

EVID_LICENSE_EXPIRED An expired license was detected.

EVID_LICENSE_ACTIVATION A license was activated on a license server.

EVID_FAILED_LICENSE_ACTIVATION A license activation failed

EVID_LICENSE_DEACTIVATION A license was deactivated on he license server.

EVID_FAILED_LICENSE_DEACTIVATION License deactivation failed.

EVID_LICENSE_SERVER_INCONSISTENCY A client detects a license server inconsistency.

For example:

The element <transaction counter> in a response message is lower than in the previous response. This will happen if the license server is reinstalled.

Changing the License IP Address

38

Changing the License IP AddressCheck Point licenses are assigned to specific IP addresses. In the case of the License Server, licenses are assigned to the License Server IP address.

In some cases, the License Server IP address is not known when requesting a license from the User Center. In such cases, you can use a dummy IP address to request the license and later change it in the User Center when the correct IP address becomes known.

To change a license IP address in the User Center:

1. Log into the User Center at http://usercenter.checkpoint.com.

2. Click Products on the menu.

3. Select an account name if you have more than one account.

4. Click My Products on the sub-menu, if this option is not selected automatically by default. A list of products appears below.

5. Select the product license that you want to change..

6. Select License from the list at the right.

http://usercenter.checkpoint.com

http://usercenter.checkpoint.com

Changing the License IP Address


7. Change the IP address in the indicated field.

8. Click Change.

9. Click Get License.

10. Click Get License File to download the new license.

11. Add the new license file to the License Server.

Stopping the License Server Service

40

Stopping the License Server ServiceIt is strongly recommended that users do not manually stop the License Server service. Stopping the License Server service may result in the following message:

41

Chapter 4Reporting Tool

In This Chapter

OverviewThe Reporting Tool is a command line utility that summarizes and presents information regarding Full Disk Encryption client status, including encryption, licenses and logged events. Reports are saved as XML files and, by default, automatically displayed in a web browser. The Reporting Tool can create the following reports:

• Summary and detailed reports of client encryption status

• Reports showing client license usage and status

• Reports showing events gathered from client logs

Administrators can analyze files located in the network shared folders specified in the License Server configuration or specify a location containing files for the tool to analyze. The Reporting Tool is typically installed together with the License Server. You can, however, install it as a separate, stand-alone utility.

For further information refer to the Full Disk Encryption Administration Guide.

Overview page 41

Before Using the Reporting Tool page 42

Executing The Reporting Tool page 44

Command Reference page 44

Examples page 45

Before Using the Reporting Tool

42

Before Using the Reporting ToolThis section presents several issues and steps that must be performed before using the Reporting tool.

Full Disk Encryption Status FilesIn order for the Reporting Tool to access client status, you must configure each Full Disk Encryption client to store status files in the appropriate shared folder.

To configure Full Disk Encryption:

1. In the FDE Management Console, select Local in the Navigation Tree and then click Edit in the Actions pane.

2. In the Local window, select Install from the Navigation Tree.

3. Double click the Enable Export of Status to File parameter.

4. Enable the option and then click OK.

5. In the Local window, click Save.

Repeat these steps for each FDE client. It is recommended that administrators correctly configure this parameter in installation profiles for new clients.

Encrypted Log Files

Chapter 4 Reporting Tool 43

Encrypted Log FilesIn order to decrypt password protected log files, it is necessary to use the -p argument and enter the correct password when executing the Reporting Tool. Obviously, the password must be the same as the one used to encrypt the file on the client.

The Reporting Tool will not extract any data from files that it cannot decrypt. Data is always extracted from unencrypted files with or without a password.

It is recommended that administrators configure a uniform log password in configuration profiles for all new clients.

Report File LocationsBy default, reports are stored in subdirectories named according to the date and time that the report was generated as follows: Reports\dd-mm-yyyy-hh-mm-ss. XSL files are stored in the Reports directory. The XSL files are used to display reports in HTML format in a Web browser.

Shared Folder PermissionsAdministrators should have read permissions for the shared network folders on the License Server.

Firefox SettingsTo display reports in Firefox version 3.0 and higher:

1. Go to the following URL: about:config.

2. If the following warning appears, click I’ll be careful.

3. On the Advanced Settings page, double-click the security.fileuti.strict_origin_policy parameter and change it to false.

Executing The Reporting Tool

44

Executing The Reporting ToolThe reporting tool command, dslogs.exe, is located in the in the License Server program executable folder, typically: C:\Program Files\CheckPoint\Endpoint Security\LicenseServer\R70\bin\.

To execute the Reporting Tool:

1. Open a command window,

2. Navigate to the License Server program executable folder and execute dslogs.exe,

Command ReferenceThe dslogs.exe, basic syntax is as follows:dslogs.exe <Report Option> <Input Argument> [Optional Arguments]

The following tables explain the various options and arguments:Table 4-1 Report Options

Note - You cannot use the License Server Utility window to execute the Reporting Tool.


-s Summary encryption status report

-sd Detailed encryption status report

-lic Client license status report (available only when the Reporting Tools is not installed together with the License Server).

-log Client event log report

-all All reports

Note - The -lic and -all reports calculate the number of licenses differently when the Reporting Tool is not installed together with the License Server.

Examples

Chapter 4 Reporting Tool 45

Table 4-2 Input Arguments

Table 4-3 Report Options

Examplesdslogs.exe -sd -f C:\logs\status.txt - Generates a detailed encryption status report from the data contained in the status.txt.file.

dslogs.exe -log -f C:\logs\test.log Generates an event log report containing the last 10 events contained in the test.log file.

dslogs.exe -all -lr C:\Shared\Log - Generate license, encryption status and log reports from all files contained in the C:\Shared\Log folder.


-l <path> Extracts data from all files located in the specified folder. A fully qualified path to the specified folder is required.

- lr <path> Extracts data from all files in the specified folder and all subfolders. A fully qualified path to the specified parent folder is required.

dirs_list

-f <file name>

Extracts data from all files located in folders contained in the specified text file. Fully qualified paths to each of the folders, as well as to the text file, are required.

files_list

-f <file name>

Extracts data from all files contained in the specified text file. Fully qualified paths to each file in the list, as well as to the text file itself, are required.

<file name> Extract data from the specified file. A fully qualified path to the specified file is required. Can only be used with the -sd and -log report types.


-n <any integer> Extracts only the last specified number of entries

-p <password> Uses the specified password to decrypt protected log files

-o <output folder> Specifies the destination folder for the output reports (created under the Reports folder).

-sl Silent mode - suppresses displaying reports in a browser

-v Displays detailed (verbose) information

Examples

46

dslogs.exe -s Generates encryption status report from all the files located in the defined shared network folder and its subdirectories.

Documents

CP R71 Endpoint Security License Server Admin Guide