Logging and ssh

tim_broberg
ServiceNow Employee
ServiceNow Employee

on ‎07-30-2018 12:07 PM

There are a lot of improvements in sncssh as opposed to j2ssh, but logging is one of the biggest.

In j2ssh, you set mid.ssh.debug = true, restart the mid server (maybe a few times), and eventually you get an extremely verbose giant of a log in your agent/logs/ssh.log file.

In sncssh you get a lot of options:

A) You may set mid.ssh.debug = true and get a giant of a log in your agent0.log.0 file.

B) You may add a parameter, debug=true, in your SSHCommand probe and get debug for just the one probe.

C) You may set mid.ssh.debug = "deferred" and the mid will carry a moderate amount of debug content for each session and dump the results only on error.

D) You may set mid.ssh.debug = <set of IP addresses>. The IPs can be a single IP (this is how I use debug most of the time), a range of IPs (192.168.1.1-192.168.1.254), a network (192.168.1.0/24), or a comma-separated list of those (192.168.7.1, 192.168.7.10-192.168.7.23, 192.168.7.128/25). SSHCommand will display debug info for only those IPs.

Any of these can be turned on or off ay any time without restarting the mid.

Also

  1. The output goes into the agent log so you can see it in the context of everything else the mid is doing.
  2. Since the output is in the agent log, it gets rotated and won't grow out of control and crash the mid server.
  3. The debug content is generally more useful under sncssh.

Personally, I leave debug off until I have a problem, then turn it on for one mid with mid.ssh.debug=10.11.12.13 (replace with relevant address). In dire straights when something just won't reproduce on demand for the IP I need, I would set to a range of IPs or "deferred."

If you just turn on all debug for a busy mid, you can easily generate 1MB/s of output, so try not to just blindly turn it on.

Hope this helps,

    - Tim.

  • 1,126 Views
Version history
Last update:
‎07-30-2018 12:07 PM
Updated by:
ServiceNow Employee