Logging

The On-Premise Orchestrator facilitates the parsing of the messages sent from the SIEM / Monitoring tool. The Orchestrator passes this parsed information onto the Cyber Risk Aware cloud infrastructure to be processed. This process takes place without the need for user input and as a background process therefore it can be difficult to determine if processing has taken place and for some reason failed. 

To support with troubleshooting the Orchestrator to ensure it has received requests and has parsed and processed them successfully, the Orchestrator will produce a log that will track all requests made as well as debug information on the processing. The log file is generated and placed in the same folder as the Orchestrator installation (example : C:\cra-apps\Orchestrator). The log file will be in the format log-{date}.txt. An example of a log sequence is illustrated below:

2020-09-09 19:07:32.853 +01:00 [Information] Processing message with type dtex and trigger alert

2020-09-09 19:07:33.121 +01:00 [Information] OrchestratorConfigurationService:GetSettings: Making request to CRA API for settings

2020-09-09 19:07:36.963 +01:00 [Information] OrchestratorConfigurationService:GetSettings: API request returned success.

2020-09-09 19:07:37.370 +01:00 [Information] Username found: CraOrchestrator.Services.DTO.UserDetail

2020-09-09 19:07:37.440 +01:00 [Information] OrchestratorConfigurationService:GetSettings: Making request to CRA API for settings

2020-09-09 19:07:38.087 +01:00 [Information] OrchestratorConfigurationService:GetSettings: API request returned success.